How to encrypt public key with rc4 in openssl? [closed]












0















I have found this way of generating rsa public key with openssl and encrypting it with aes:



openssl genrsa -aes256 -out public.pem 4096



how could i do the same with rc4:



openssl genrsa -rc4 -out public.pem 4096

Generating RSA private key, 4096 bit long modulus
...............................................................................................................................++
...............................++
e is 65537 (0x010001)
140272337293760:error:09069071:PEM routines:PEM_ASN1_write_bio:unsupported cipher:../crypto/pem/pem_lib.c:309:



is there any way to do this?










share|improve this question













closed as off-topic by James K Polk, Dijkgraaf, CozyAzure, Mark, EdChum Nov 23 '18 at 9:27


This question appears to be off-topic. The users who voted to close gave this specific reason:


  • "Questions about general computing hardware and software are off-topic for Stack Overflow unless they directly involve tools used primarily for programming. You may be able to get help on Super User." – James K Polk, Dijkgraaf, CozyAzure, EdChum

If this question can be reworded to fit the rules in the help center, please edit the question.





















    0















    I have found this way of generating rsa public key with openssl and encrypting it with aes:



    openssl genrsa -aes256 -out public.pem 4096



    how could i do the same with rc4:



    openssl genrsa -rc4 -out public.pem 4096

    Generating RSA private key, 4096 bit long modulus
    ...............................................................................................................................++
    ...............................++
    e is 65537 (0x010001)
    140272337293760:error:09069071:PEM routines:PEM_ASN1_write_bio:unsupported cipher:../crypto/pem/pem_lib.c:309:



    is there any way to do this?










    share|improve this question













    closed as off-topic by James K Polk, Dijkgraaf, CozyAzure, Mark, EdChum Nov 23 '18 at 9:27


    This question appears to be off-topic. The users who voted to close gave this specific reason:


    • "Questions about general computing hardware and software are off-topic for Stack Overflow unless they directly involve tools used primarily for programming. You may be able to get help on Super User." – James K Polk, Dijkgraaf, CozyAzure, EdChum

    If this question can be reworded to fit the rules in the help center, please edit the question.



















      0












      0








      0








      I have found this way of generating rsa public key with openssl and encrypting it with aes:



      openssl genrsa -aes256 -out public.pem 4096



      how could i do the same with rc4:



      openssl genrsa -rc4 -out public.pem 4096

      Generating RSA private key, 4096 bit long modulus
      ...............................................................................................................................++
      ...............................++
      e is 65537 (0x010001)
      140272337293760:error:09069071:PEM routines:PEM_ASN1_write_bio:unsupported cipher:../crypto/pem/pem_lib.c:309:



      is there any way to do this?










      share|improve this question














      I have found this way of generating rsa public key with openssl and encrypting it with aes:



      openssl genrsa -aes256 -out public.pem 4096



      how could i do the same with rc4:



      openssl genrsa -rc4 -out public.pem 4096

      Generating RSA private key, 4096 bit long modulus
      ...............................................................................................................................++
      ...............................++
      e is 65537 (0x010001)
      140272337293760:error:09069071:PEM routines:PEM_ASN1_write_bio:unsupported cipher:../crypto/pem/pem_lib.c:309:



      is there any way to do this?







      openssl rsa rc4-cipher






      share|improve this question













      share|improve this question











      share|improve this question




      share|improve this question










      asked Nov 22 '18 at 20:31









      B1ZONB1ZON

      81




      81




      closed as off-topic by James K Polk, Dijkgraaf, CozyAzure, Mark, EdChum Nov 23 '18 at 9:27


      This question appears to be off-topic. The users who voted to close gave this specific reason:


      • "Questions about general computing hardware and software are off-topic for Stack Overflow unless they directly involve tools used primarily for programming. You may be able to get help on Super User." – James K Polk, Dijkgraaf, CozyAzure, EdChum

      If this question can be reworded to fit the rules in the help center, please edit the question.







      closed as off-topic by James K Polk, Dijkgraaf, CozyAzure, Mark, EdChum Nov 23 '18 at 9:27


      This question appears to be off-topic. The users who voted to close gave this specific reason:


      • "Questions about general computing hardware and software are off-topic for Stack Overflow unless they directly involve tools used primarily for programming. You may be able to get help on Super User." – James K Polk, Dijkgraaf, CozyAzure, EdChum

      If this question can be reworded to fit the rules in the help center, please edit the question.
























          1 Answer
          1






          active

          oldest

          votes


















          1














          The command you are using generates a RSA key pair (private and public) and not a public key. Encrypting a public key usually doesn't make sense, because it should be public.



          If you want to encrypt the key pair, OpenSSL doesn't support RC4 for PEM encryption, but you can encrypt the key file, using openssl encryption.



          openssl rc4 -in keypair.pem -out keypair.enc -pbkdf2


          If you want to use the keys, you'll have to decrypt them:



          openssl rc4 -d -in keypair.enc -out keypair.pem -pbkdf2


          Note that pbkdf2 option is recommended but not mandatory. Also, pbkdf2 is supported only in the latest OpenSSL version, 1.1.1, if you are using a older version, you have to drop the option.



          openssl rc4 -in keypair.enc -out keypair.pem


          If you really want to encrypt a public key, you'll have to extract the public key from the key pair:



          openssl rsa -in keypair.pem -out pub.pem -pubout


          And encrypt it:



          openssl rc4 -in pub.pem -out pub.enc -pbkdf2





          share|improve this answer


























          • Mostly concur, and welcome, but: enc -pbkdf2 is only in 1.1.1 released 2 months ago; many environments (distros etc) aren't that fast so you may need to build yourself. Without -pbkdf2 or in lower versions it uses EVP_BytesToKey with 1 iteration which is bad -- but no worse than legacy-PEM encryption. For pkcs12 -export the option is -nocerts (with s), but -rc4 (or any -cipher) applies only to import i.e. P12-to-PEM; it is ignored for export. The export option is -keypbe cipher and that fails for rc4, just like pkcs8 -topk8 and pkey and genpkey do.

            – dave_thompson_085
            Nov 23 '18 at 10:30













          • Thanks for the comment. You are right. I updated the answer to remove the pkcs#12 and explain the pbkdf2 option.

            – Lucas Martins
            Nov 23 '18 at 10:59


















          1 Answer
          1






          active

          oldest

          votes








          1 Answer
          1






          active

          oldest

          votes









          active

          oldest

          votes






          active

          oldest

          votes









          1














          The command you are using generates a RSA key pair (private and public) and not a public key. Encrypting a public key usually doesn't make sense, because it should be public.



          If you want to encrypt the key pair, OpenSSL doesn't support RC4 for PEM encryption, but you can encrypt the key file, using openssl encryption.



          openssl rc4 -in keypair.pem -out keypair.enc -pbkdf2


          If you want to use the keys, you'll have to decrypt them:



          openssl rc4 -d -in keypair.enc -out keypair.pem -pbkdf2


          Note that pbkdf2 option is recommended but not mandatory. Also, pbkdf2 is supported only in the latest OpenSSL version, 1.1.1, if you are using a older version, you have to drop the option.



          openssl rc4 -in keypair.enc -out keypair.pem


          If you really want to encrypt a public key, you'll have to extract the public key from the key pair:



          openssl rsa -in keypair.pem -out pub.pem -pubout


          And encrypt it:



          openssl rc4 -in pub.pem -out pub.enc -pbkdf2





          share|improve this answer


























          • Mostly concur, and welcome, but: enc -pbkdf2 is only in 1.1.1 released 2 months ago; many environments (distros etc) aren't that fast so you may need to build yourself. Without -pbkdf2 or in lower versions it uses EVP_BytesToKey with 1 iteration which is bad -- but no worse than legacy-PEM encryption. For pkcs12 -export the option is -nocerts (with s), but -rc4 (or any -cipher) applies only to import i.e. P12-to-PEM; it is ignored for export. The export option is -keypbe cipher and that fails for rc4, just like pkcs8 -topk8 and pkey and genpkey do.

            – dave_thompson_085
            Nov 23 '18 at 10:30













          • Thanks for the comment. You are right. I updated the answer to remove the pkcs#12 and explain the pbkdf2 option.

            – Lucas Martins
            Nov 23 '18 at 10:59
















          1














          The command you are using generates a RSA key pair (private and public) and not a public key. Encrypting a public key usually doesn't make sense, because it should be public.



          If you want to encrypt the key pair, OpenSSL doesn't support RC4 for PEM encryption, but you can encrypt the key file, using openssl encryption.



          openssl rc4 -in keypair.pem -out keypair.enc -pbkdf2


          If you want to use the keys, you'll have to decrypt them:



          openssl rc4 -d -in keypair.enc -out keypair.pem -pbkdf2


          Note that pbkdf2 option is recommended but not mandatory. Also, pbkdf2 is supported only in the latest OpenSSL version, 1.1.1, if you are using a older version, you have to drop the option.



          openssl rc4 -in keypair.enc -out keypair.pem


          If you really want to encrypt a public key, you'll have to extract the public key from the key pair:



          openssl rsa -in keypair.pem -out pub.pem -pubout


          And encrypt it:



          openssl rc4 -in pub.pem -out pub.enc -pbkdf2





          share|improve this answer


























          • Mostly concur, and welcome, but: enc -pbkdf2 is only in 1.1.1 released 2 months ago; many environments (distros etc) aren't that fast so you may need to build yourself. Without -pbkdf2 or in lower versions it uses EVP_BytesToKey with 1 iteration which is bad -- but no worse than legacy-PEM encryption. For pkcs12 -export the option is -nocerts (with s), but -rc4 (or any -cipher) applies only to import i.e. P12-to-PEM; it is ignored for export. The export option is -keypbe cipher and that fails for rc4, just like pkcs8 -topk8 and pkey and genpkey do.

            – dave_thompson_085
            Nov 23 '18 at 10:30













          • Thanks for the comment. You are right. I updated the answer to remove the pkcs#12 and explain the pbkdf2 option.

            – Lucas Martins
            Nov 23 '18 at 10:59














          1












          1








          1







          The command you are using generates a RSA key pair (private and public) and not a public key. Encrypting a public key usually doesn't make sense, because it should be public.



          If you want to encrypt the key pair, OpenSSL doesn't support RC4 for PEM encryption, but you can encrypt the key file, using openssl encryption.



          openssl rc4 -in keypair.pem -out keypair.enc -pbkdf2


          If you want to use the keys, you'll have to decrypt them:



          openssl rc4 -d -in keypair.enc -out keypair.pem -pbkdf2


          Note that pbkdf2 option is recommended but not mandatory. Also, pbkdf2 is supported only in the latest OpenSSL version, 1.1.1, if you are using a older version, you have to drop the option.



          openssl rc4 -in keypair.enc -out keypair.pem


          If you really want to encrypt a public key, you'll have to extract the public key from the key pair:



          openssl rsa -in keypair.pem -out pub.pem -pubout


          And encrypt it:



          openssl rc4 -in pub.pem -out pub.enc -pbkdf2





          share|improve this answer















          The command you are using generates a RSA key pair (private and public) and not a public key. Encrypting a public key usually doesn't make sense, because it should be public.



          If you want to encrypt the key pair, OpenSSL doesn't support RC4 for PEM encryption, but you can encrypt the key file, using openssl encryption.



          openssl rc4 -in keypair.pem -out keypair.enc -pbkdf2


          If you want to use the keys, you'll have to decrypt them:



          openssl rc4 -d -in keypair.enc -out keypair.pem -pbkdf2


          Note that pbkdf2 option is recommended but not mandatory. Also, pbkdf2 is supported only in the latest OpenSSL version, 1.1.1, if you are using a older version, you have to drop the option.



          openssl rc4 -in keypair.enc -out keypair.pem


          If you really want to encrypt a public key, you'll have to extract the public key from the key pair:



          openssl rsa -in keypair.pem -out pub.pem -pubout


          And encrypt it:



          openssl rc4 -in pub.pem -out pub.enc -pbkdf2






          share|improve this answer














          share|improve this answer



          share|improve this answer








          edited Nov 23 '18 at 10:56

























          answered Nov 23 '18 at 1:09









          Lucas MartinsLucas Martins

          586




          586













          • Mostly concur, and welcome, but: enc -pbkdf2 is only in 1.1.1 released 2 months ago; many environments (distros etc) aren't that fast so you may need to build yourself. Without -pbkdf2 or in lower versions it uses EVP_BytesToKey with 1 iteration which is bad -- but no worse than legacy-PEM encryption. For pkcs12 -export the option is -nocerts (with s), but -rc4 (or any -cipher) applies only to import i.e. P12-to-PEM; it is ignored for export. The export option is -keypbe cipher and that fails for rc4, just like pkcs8 -topk8 and pkey and genpkey do.

            – dave_thompson_085
            Nov 23 '18 at 10:30













          • Thanks for the comment. You are right. I updated the answer to remove the pkcs#12 and explain the pbkdf2 option.

            – Lucas Martins
            Nov 23 '18 at 10:59



















          • Mostly concur, and welcome, but: enc -pbkdf2 is only in 1.1.1 released 2 months ago; many environments (distros etc) aren't that fast so you may need to build yourself. Without -pbkdf2 or in lower versions it uses EVP_BytesToKey with 1 iteration which is bad -- but no worse than legacy-PEM encryption. For pkcs12 -export the option is -nocerts (with s), but -rc4 (or any -cipher) applies only to import i.e. P12-to-PEM; it is ignored for export. The export option is -keypbe cipher and that fails for rc4, just like pkcs8 -topk8 and pkey and genpkey do.

            – dave_thompson_085
            Nov 23 '18 at 10:30













          • Thanks for the comment. You are right. I updated the answer to remove the pkcs#12 and explain the pbkdf2 option.

            – Lucas Martins
            Nov 23 '18 at 10:59

















          Mostly concur, and welcome, but: enc -pbkdf2 is only in 1.1.1 released 2 months ago; many environments (distros etc) aren't that fast so you may need to build yourself. Without -pbkdf2 or in lower versions it uses EVP_BytesToKey with 1 iteration which is bad -- but no worse than legacy-PEM encryption. For pkcs12 -export the option is -nocerts (with s), but -rc4 (or any -cipher) applies only to import i.e. P12-to-PEM; it is ignored for export. The export option is -keypbe cipher and that fails for rc4, just like pkcs8 -topk8 and pkey and genpkey do.

          – dave_thompson_085
          Nov 23 '18 at 10:30







          Mostly concur, and welcome, but: enc -pbkdf2 is only in 1.1.1 released 2 months ago; many environments (distros etc) aren't that fast so you may need to build yourself. Without -pbkdf2 or in lower versions it uses EVP_BytesToKey with 1 iteration which is bad -- but no worse than legacy-PEM encryption. For pkcs12 -export the option is -nocerts (with s), but -rc4 (or any -cipher) applies only to import i.e. P12-to-PEM; it is ignored for export. The export option is -keypbe cipher and that fails for rc4, just like pkcs8 -topk8 and pkey and genpkey do.

          – dave_thompson_085
          Nov 23 '18 at 10:30















          Thanks for the comment. You are right. I updated the answer to remove the pkcs#12 and explain the pbkdf2 option.

          – Lucas Martins
          Nov 23 '18 at 10:59





          Thanks for the comment. You are right. I updated the answer to remove the pkcs#12 and explain the pbkdf2 option.

          – Lucas Martins
          Nov 23 '18 at 10:59



          Popular posts from this blog

          404 Error Contact Form 7 ajax form submitting

          How to know if a Active Directory user can login interactively

          Refactoring coordinates for Minecraft Pi buildings written in Python