'openssl genrsa 2048' will generate a public and private keypair, and print the private key data (which also includes the public key and exponent) to stdout in base64 encoding. It will not encrypt the private key with AES unless you add another command-line switch, one of the following:
-aes128 -aes192 -aes256 These will prompt for a password to encrypt the key with. (I also hope they're self-explanatory.) The documentation for the 'genrsa' command only mentions -des, -des3, and -idea for encrypting the key; however, looking at the source (at least in 0.9.8i) shows me: -des -des3 -idea -seed -aes128 -aes192 -aes256 -camellia128 -camellia192 -camellia256 These parameters use CBC mode to encrypt the private key. I hope this helps! -Kyle H On Tue, Dec 16, 2008 at 12:44 AM, Theerthagiri, Gopinathan <gopinathan.theerthag...@in.tesco.com> wrote: > Hi, > > > > Could you please answer me the below question? > > > > 1. I have used the openssl.exe command line utility for generating > private & public keys. If I use the below command. > > > > Openssl.exe genrsa 2048. > > > > What will be actual cipher mode it using? > > AES-128 / AES 256? > > > > 2. what cipher mode it will use for encryption of below command? > > > > rsautl -encrypt -inkey PublicKey.pem -pubin -oaep -in UserData.txt -out > EncryptedData.txt > > > > Thanks & Regards, > > Gopi > > ---- Disclaimer ---- > This is a confidential email. Tesco may monitor and record all emails. The > views expressed in this email are those of the sender and not Tesco. > > Tesco Stores Limited > Company Number: 519500 > Registered in England > Registered Office: Tesco House, Delamare Road, Cheshunt, Hertfordshire EN8 > 9SL > VAT Registration Number: GB 220 4302 31 > ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
