Emil Guy
2014-10-02 14:53:43 UTC
Hello!
I'm trying to get rid of using GPG for encrypting some files since GPG
requires exec for the pear crypt library and a GPG install. I've made a
test implementation that uses OpenSSL public private keys generated like
this:
openssl genrsa -des3 -out priv.pem 2048
openssl rsa -in priv.pem -out pub.pem -outform PEM -pubout
And then I encrypt the data by looping through it like this (where chunk is
the length of the key used):
while($data) {
$chunk = substr(data, [...]);
[...]
openssl_public_encrypt($chunk, $encryptedBlock, $publicKey);
$output .= $encryptedBlock;
}
How is this implementation security-wise compared to gpg for encrypting
files? I don't need to keep out the NSA, but I want the files to be hard to
decrypt for an intruder. Any help is highly appreciated. Thanks!
Regards,
Emil
I'm trying to get rid of using GPG for encrypting some files since GPG
requires exec for the pear crypt library and a GPG install. I've made a
test implementation that uses OpenSSL public private keys generated like
this:
openssl genrsa -des3 -out priv.pem 2048
openssl rsa -in priv.pem -out pub.pem -outform PEM -pubout
And then I encrypt the data by looping through it like this (where chunk is
the length of the key used):
while($data) {
$chunk = substr(data, [...]);
[...]
openssl_public_encrypt($chunk, $encryptedBlock, $publicKey);
$output .= $encryptedBlock;
}
How is this implementation security-wise compared to gpg for encrypting
files? I don't need to keep out the NSA, but I want the files to be hard to
decrypt for an intruder. Any help is highly appreciated. Thanks!
Regards,
Emil