How to decrypt with public key after encrypt with private key

encryptionopenssl

I encrypted a file with a symmetric key using the openssl command line, and then I encrypted that symmetric key with a RSA public key. I experimented a bit with the encryption and decryption, and then I accidentally encrypted the symmetric key with my RSA private key. The encryption went on with no errors.

So now I can't decrypt the symmetric key so to get to my file. Is there any openssl command that decrypts with the public key?


The command line that I have used for encryption:

openssl rsautl -encrypt -inkey private_key.pem -in symmKey.key -out symmKey.enc

and for the decryption I tried to use:

openssl rsautl -decrypt -inkey public_key.pem -pubin -in symmKey.enc -out symmKey.key

I also tried to verify the symmKey.encwith:

openssl rsautl -verify -inkey public_key.pem -pubin -in symmKey.enc -out symmKey.key

but then I am getting the following error:

RSA operation error
    5968:error:0407008A:rsa routines:RSA_padding_check_PKCS1_type_1:invalid padding:crypto\rsa\rsa_pk1.c:67:
    5968:error:04067072:rsa routines:rsa_ossl_public_decrypt:padding check failed:crypto\rsa\rsa_ossl.c:586:`

Best Answer

You actually haven't encrypted with the private key at all. The encoding of the private key contains both the components required for the private and the public key. The OpenSSL command line is smart enough to select the public key components in the encoded private key when encrypting.

So you can simply decrypt using the private key:

openssl rsautl -decrypt -inkey private_key.pem -in symmKey.enc -out symmKey.key

Note that the modulus is already present in the private key. The public key consists of the modulus and the public exponent, which is generally set to the fifth prime of Fermat: F4 with the value 0x010001 (65537). So it is easy to store it in the private key, if just for convenience.