I am really bad with this stuff... This is probably a dumb question, but openssl just drives me crazy.
I have 2 images, I know the commands to decrypt them, I can do that, its easy. However, I want to also be able to re-encrypt after some modifications, and I just can't figure it out.
Again, I am really bad with this kind of thing. It looks to me like there is 4 separate security keys... Here are the commands I use to decrypt these image files, can somebody explain to me how to reverse these commands to re-encrypt the files?


cat install.tgz.p7m | openssl smime -verify -inform DER -signer ./signer_cert.txt -CApath /home/prushik/Public/keys/ca/ > ./install.bin
openssl enc -d -aes-256-cbc -pass file:/home/prushik/Public/keys/key < ./install.bin > install.tgz
tar xf install.tgz

cat image.ext2.bin | openssl smime -verify -binary -content /dev/stdin -noverify -inform PEM -in image.p7s | openssl enc -d -aes-256-cbc -salt -pass file:image.pwd | > image.ext2


The first block of commands is for the first file, the second file needs some kind of key from the first file to get decrypted.

Here's your first decrypt statement:

Here's how to re-encrypt that one:

Please read the enc(1) and smime(1) manpages. It might be easier to understand if you clean up your pipelines and document (for yourself) what is happening.

Great! thanks, just that first command might be enough, I should be able to modify a script in that first image so that the second image does not need to be encrypted at all.

In the command I posted to decrypt the second image, I think I added an extra pipe near the end accidentally, right before the redirect. Oops, sorry. For the most part I am pretty good at understanding pipes and redirects and such, but openssl and encryption stuff is just so complicated...