Credit to a guide by Alexei Czeskis
NOTE: all RSA keys must be in .pem format
NOTE: all commands are run in terminal using a zsh (or other equivalent) shell
NOTE: need to generate keys before anything else ($ ./generate_keys)
- Public key exchange between individuals (verify keys over the phone or other method)
- Sender encrypts file: $ ./encrypt_file [file] [receiver public_key]
- Sender verifies the encrypted file: $ ./sign [file] [sender private_key]
- Sender shares all '.enc' files and the 'signature.sha256' with the receiver
- Receiver verifies signature: $ ./verify [file] [signature] [receiver public_key]
- Receiver decrypts file: $ ./decrypt_file [file.enc] [receiver private_key] [key.bin.enc]
- Sender needs the original file and the receiver's public key.
- Encrypt file using receiver's public key
- $ ./encrypt_file info.txt receiver.pub.pem -> Generates key.bin, key.bin.enc, and info.txt.enc
- Sign encrypted file with sender's private key.
- $ ./sign.sh info.txt.enc sender.pem -> Generates signature.sha256
- Send info.txt.enc, key.bin.enc, and signature.sha256 to receiver
- Receiver needs the encrypted files, the signature, and Sender's public key
- Verify the file using the signature and Sender's public key
- $ ./verify.sh info.txt.enc signature.sha256 sender.pub.pem -> Will say 'Verified OK' or 'Verification Failure'
- Decrypt file using Receiver's private key
- $ ./decrypt_file info.txt.enc receiver.pem key.bin.enc -> Generates original info.txt and original key.bin