Encrypting/Decrypting Data

[whosystem]

Why is there no functionality to encrypt/decrypt material using the private and public keys of the certs ? Please educate me. To encrypt: set up a certificate with let's say the following capabilities: export the certificate as extract the public key openssl x509 -pubkey -noout -in 82d5ae1f-d28e-47d6-a4a9-9eb3b45faccf.pem > 82d5ae1f-d28e-47d6-a4a9-9eb3b45faccf.pub and encrypt e.g. echo helloBello > /tmp/pass.txt; openssl rsautl -in /tmp/pass.txt -out pass.enc -pubin -inkey 82d5ae1f-d28e-47d6-a4a9-9eb3b45faccf.pub -encrypt and decrypt openssl rsautl -in pass.enc -out pass.dec -inkey 82d5ae1f-d28e-47d6-a4a9-9eb3b45faccf.pem -decrypt

There are some fancy ways using the gnu 'tee' to distribute a password safely to openssl.

Maybe some UI support to add this kind of functionality to XCA is another possibility - meaning UI functionality to setup and execute these type of shell/powershell/-scripts.

I guess I ask to enhance XCA with encryption/decryption/signing/verifying capabilities.

Please educate me, why I might be off-track/base here.

[kdambekalns]

My take would be to keep XCA like it is. Let it do certificate management, focus on that, do it well.

Less code means less bugs, less potential for security issues, …