Duplicate openssl rsautl -encrypt –in mytext.txt -out mytest.enc -inkey mycertificate.cer -certin –pkcs
See more OpenSSL Examples
Demonstrates how to duplicate this OpenSSL command:openssl.exe rsautl -encrypt –in mytext.txt -out mytest.enc -inkey mycertificate.cer -certin –pkcs
Important: The RSA encryption algorithm produces different results for each call, even when encrypting the same data with the same key. Decryption however, will produce the correct results. This example demonstrates.
The reason this occurs is that RSA encryption uses PKCS1 v1.5 padding, and this padding scheme uses random bytes. It is random bytes in the padding that causes the result to be different each time.
The mytext.txt file is a small file. (RSA can only be used to encrypt or sign small amounts of data.)
How much data can be encrypted with "openssl rsautl"? The maximum size (in bytes) is the key size minus the overhead for the padding. The overhead size depends on the padding. With OAEP padding, the overhead is 42 bytes. With the default PKCSv1.5 padding, the overhead is 11 bytes.
Given a 2048-bit RSA key (256 bytes) and using PKCSv1.5 padding, the max data size that can be signed is 256 - 11 = 245 bytes.
Chilkat PowerBuilder Downloads
integer li_rc
integer li_Success
oleobject loo_Cert
oleobject loo_Bd
oleobject loo_Rsa
oleobject loo_Pubkey
integer li_BUsePrivateKey
li_Success = 0
// This example requires the Chilkat API to have been previously unlocked.
// See Global Unlock Sample for sample code.
loo_Cert = create oleobject
li_rc = loo_Cert.ConnectToNewObject("Chilkat.Cert")
if li_rc < 0 then
destroy loo_Cert
MessageBox("Error","Connecting to COM object failed")
return
end if
// Load the certificate from a file.
li_Success = loo_Cert.LoadFromFile("mycertificate.cer")
if li_Success = 0 then
Write-Debug loo_Cert.LastErrorText
destroy loo_Cert
return
end if
// Load the file to be encrypted.
loo_Bd = create oleobject
li_rc = loo_Bd.ConnectToNewObject("Chilkat.BinData")
li_Success = loo_Bd.LoadFile("mytext.txt")
loo_Rsa = create oleobject
li_rc = loo_Rsa.ConnectToNewObject("Chilkat.Rsa")
// Get the cert's public key.
loo_Pubkey = create oleobject
li_rc = loo_Pubkey.ConnectToNewObject("Chilkat.PublicKey")
loo_Cert.GetPublicKey(loo_Pubkey)
// Import the public key into the RSA component:
li_Success = loo_Rsa.UsePublicKey(loo_Pubkey)
if li_Success <> 1 then
Write-Debug loo_Rsa.LastErrorText
destroy loo_Cert
destroy loo_Bd
destroy loo_Rsa
destroy loo_Pubkey
return
end if
// OpenSSL uses big-endian.
loo_Rsa.LittleEndian = 0
// Encrypt the contents of bd, replacing it with the encrypted data.
li_BUsePrivateKey = 0
li_Success = loo_Rsa.EncryptBd(loo_Bd,li_BUsePrivateKey)
if li_Success = 0 then
Write-Debug loo_Rsa.LastErrorText
destroy loo_Cert
destroy loo_Bd
destroy loo_Rsa
destroy loo_Pubkey
return
end if
// Save the RSA encrypted data to a file.
li_Success = loo_Bd.WriteFile("mytest.enc")
if li_Success <> 1 then
Write-Debug "Failed to write RSA encrypted output file."
destroy loo_Cert
destroy loo_Bd
destroy loo_Rsa
destroy loo_Pubkey
return
end if
Write-Debug "Success."
destroy loo_Cert
destroy loo_Bd
destroy loo_Rsa
destroy loo_Pubkey