xca
xca copied to clipboard
Encrypting/Decrypting Data
Why is there no functionality to encrypt/decrypt material using the private and public keys of the certs ?
Please educate me.
To encrypt:
set up a certificate with let's say the following capabilities:
export the certificate as
extract the public key
openssl x509 -pubkey -noout -in 82d5ae1f-d28e-47d6-a4a9-9eb3b45faccf.pem > 82d5ae1f-d28e-47d6-a4a9-9eb3b45faccf.pub
and encrypt e.g.
echo helloBello > /tmp/pass.txt; openssl rsautl -in /tmp/pass.txt -out pass.enc -pubin -inkey 82d5ae1f-d28e-47d6-a4a9-9eb3b45faccf.pub -encrypt
and decrypt
openssl rsautl -in pass.enc -out pass.dec -inkey 82d5ae1f-d28e-47d6-a4a9-9eb3b45faccf.pem -decrypt
There are some fancy ways using the gnu 'tee' to distribute a password safely to openssl.
Maybe some UI support to add this kind of functionality to XCA is another possibility - meaning UI functionality to setup and execute these type of shell/powershell/-scripts.
I guess I ask to enhance XCA with encryption/decryption/signing/verifying capabilities.
Please educate me, why I might be off-track/base here.
My take would be to keep XCA like it is. Let it do certificate management, focus on that, do it well.
Less code means less bugs, less potential for security issues, …