OK!
So I walked into this thinking "Easy, I got this." Turns out there's a whole lot more to it than even I thought.
So the first issue is that (according to the man pages for OpenSSL (man 3 pem)), OpenSSL is expecting the RSA key to be in PKCS#1 format. Clearly this isn't what ssh-keygen is working with. You have two options (from searching around).
If you have OpenSSH v. 5.6 or later (I did not on my laptop), you can run this:
ssh-keygen -f key.pub -e -m pem
The longer method of doing this is to break apart your SSH key into it's various components (the blog entry I found some of this in accuses OpenSSH of being "proprietary", I prefer to call it "unique") and then use an ASN1 library to swap things around.
Fortunately for you, someone wrote the code to do this:
https://gist.github.com/1024558
GnuPG consumes several bytes from /dev/random
for each random byte it actually uses. You can easily check that with this command:
start cmd:> strace -e trace=open,read gpg --armor --gen-random 2 16 2>&1 | tail
open("/etc/gcrypt/rngseed", O_RDONLY) = -1 ENOENT (No such file or directory)
open("/dev/urandom", O_RDONLY) = 3
read(3, "\\\224F\33p\314j\235\7\200F9\306V\3108", 16) = 16
open("/dev/random", O_RDONLY) = 4
read(4, "/\311\342\377...265\213I"..., 300) = 128
read(4, "\325\3\2161+1...302@\202"..., 172) = 128
read(4, "\5[\372l\16?\...6iY\363z"..., 44) = 44
open("/home/hl/.gnupg/random_seed", O_WRONLY|O_CREAT, 0600) = 5
cCVg2XuvdjzYiV0RE1uzGQ==
+++ exited with 0 +++
In order to output 16 bytes of high-quality entropy GnuPG reads 300 bytes from /dev/random
.
This is explained here: Random-Number Subsystem Architecture
Linux stores a maximum of 4096 bytes (see cat /proc/sys/kernel/random/poolsize
) of entropy. If a process needs more than available (see cat /proc/sys/kernel/random/entropy_avail
) then the CPU usage becomes more or less irrelevant as the feeding speed of the kernel's entropy pool becomes the relevant factor.
Best Answer
In the openssl manual (
openssl
man page), search forRSA
, and you'll see that the command for RSA encryption isrsautl
. Then read thersautl
man page to see its syntax.The default padding scheme is the original PKCS#1 v1.5 (still used in many procotols); openssl also supports OAEP (now recommended) and raw encryption (only useful in special circumstances).
Note that using openssl directly is mostly an exercise. In practice, you'd use a tool such as gpg (which uses RSA, but not directly to encrypt the message).