I have found this way of generating an RSA public key with openssl and encrypting it with AES:

```
openssl genrsa -aes256 -out public.pem 4096
```

How could I do the same with RC4:

```
openssl genrsa -rc4 -out public.pem 4096
Generating RSA private key, 4096 bit long modulus
...............................................................................................................................++
...............................++
e is 65537 (0x010001)
140272337293760:error:09069071:PEM routines:PEM_ASN1_write_bio:unsupported cipher:../crypto/pem/pem_lib.c:309:
```

Is there any way to do this?

B1ZON

1 Answer

The command you are using generates an RSA key pair (private and public) and not a public key. Encrypting a public key usually doesn't make sense, because it should be public.

If you want to encrypt the key pair, OpenSSL doesn't support RC4 for PEM encryption, but you can encrypt the key file, using openssl encryption.

```
openssl rc4 -in keypair.pem -out keypair.enc -pbkdf2
```

If you want to use the keys, you'll have to decrypt them:

```
openssl rc4 -d -in keypair.enc -out keypair.pem -pbkdf2
```

Note that the pbkdf2 option is recommended but not mandatory. Also, pbkdf2 is supported only in the latest OpenSSL version, 1.1.1; if you are using an older version, you have to drop the option.

```
openssl rc4 -d -in keypair.enc -out keypair.pem
```

If you really want to encrypt a public key, you'll have to extract the public key from the key pair:

```
openssl rsa -in keypair.pem -out pub.pem -pubout
```

And encrypt it:

```
openssl rc4 -in pub.pem -out pub.enc -pbkdf2
```
Lucas Martins
  • Mostly concur, and welcome, but: `enc -pbkdf2` is only in 1.1.1 released 2 months ago; many environments (distros etc) aren't that fast so you may need to build yourself. Without `-pbkdf2` or in lower versions it uses EVP_BytesToKey with 1 iteration which is bad -- but no worse than legacy-PEM encryption. For `pkcs12 -export` the option is `-nocerts` (with s), but `-rc4` (or any `-cipher`) applies only to _import_ i.e. P12-to-PEM; it is ignored for export. The export option is `-keypbe cipher` and that fails for rc4, just like `pkcs8 -topk8` and `pkey` and `genpkey` do. – dave_thompson_085 Nov 23 '18 at 10:30
  • Thanks for the comment. You are right. I updated the answer to remove the pkcs#12 and explain the pbkdf2 option. – Lucas Martins Nov 23 '18 at 10:59
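
The difference between the two key derivations discussed in the answer and the first comment, as an added Python example (not code from the answer or from OpenSSL). It assumes the OpenSSL 1.1.1 defaults for `openssl rc4`: SHA-256 digest, 10000 PBKDF2 iterations, a 128-bit RC4 key with no IV, and a `Salted__` header followed by an 8-byte salt; all function names are made up for the example.

```python
import hashlib
import os

MAGIC = b"Salted__"   # header `openssl enc` writes in front of the salt
RC4_KEY_LEN = 16      # assumption: `openssl rc4` uses a 128-bit key, no IV

def evp_bytes_to_key(password, salt, key_len, md="sha256"):
    """Without -pbkdf2: EVP_BytesToKey, a single hash pass per block."""
    out, block = b"", b""
    while len(out) < key_len:
        block = hashlib.new(md, block + password + salt).digest()
        out += block
    return out[:key_len]

def pbkdf2_key(password, salt, key_len, iterations=10000, md="sha256"):
    """With -pbkdf2: PBKDF2-HMAC, so each password guess costs 10000 rounds."""
    return hashlib.pbkdf2_hmac(md, password, salt, iterations, key_len)

def rc4(key, data):
    """RC4 keystream XOR; the same call encrypts and decrypts."""
    s, j = list(range(256)), 0
    for i in range(256):                       # key scheduling
        j = (j + s[i] + key[i % len(key)]) % 256
        s[i], s[j] = s[j], s[i]
    i = j = 0
    out = bytearray()
    for byte in data:                          # keystream generation
        i = (i + 1) % 256
        j = (j + s[i]) % 256
        s[i], s[j] = s[j], s[i]
        out.append(byte ^ s[(s[i] + s[j]) % 256])
    return bytes(out)

def encrypt(plaintext, password, use_pbkdf2, salt=None):
    salt = salt or os.urandom(8)
    kdf = pbkdf2_key if use_pbkdf2 else evp_bytes_to_key
    return MAGIC + salt + rc4(kdf(password, salt, RC4_KEY_LEN), plaintext)

def decrypt(blob, password, use_pbkdf2):
    if blob[:8] != MAGIC:
        raise ValueError("missing Salted__ header")
    salt, body = blob[8:16], blob[16:]
    kdf = pbkdf2_key if use_pbkdf2 else evp_bytes_to_key
    return rc4(kdf(password, salt, RC4_KEY_LEN), body)

if __name__ == "__main__":
    sample = b"-----BEGIN RSA PRIVATE KEY----- (constructed sample)"
    blob = encrypt(sample, b"constructed-password", use_pbkdf2=True)
    print(decrypt(blob, b"constructed-password", use_pbkdf2=True) == sample)
    print(decrypt(blob, b"constructed-password", use_pbkdf2=False) == sample)
```

The file does not record which derivation was used, so decrypting with the other one returns garbage without an error: RC4 has no padding or integrity check that could fail.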