2

Quick question: I'm looking for a simple utility program to be able to decrypt rsa-encrypted data (either base64-encoded or binary attachment) on a Windows workstation.

Scenario: There is a group of operators that will get email alerts with information on the user they have to contact. Part of the info is encrypted, and we need them to be able to decrypt that info to reach out to the users. They'd have the corresponding private key, so the idea would be to "paste the private key and the text" or "open the attachment" and get the resulting 1-2 lines of decrypted text.

I know that OpenSSL and some scripting in Perl, or a zillion other options, would get me the data, but that would mean:

  • Deploying OpenSSL to the operators' computers
  • Deploying ActivePerl (or similar)
  • Allowing the operators to open a command prompt on the machine (current security policy disables it)
  • Teaching them how to run the script from the command line

Quite a bit of work I'd rather avoid.

I've been googling around, and I've found one million versions of the recipes for openssl, half a million source code examples, and no "encryption utilities"... So I've decided to ask here in case someone is aware of some (probably obscure) tool that does what I need...

Thanks a lot in advance!!

JJarava
  • If you can't use S/MIME, look into using http://openpgpjs.org/openpgpjs/doc/index.html or similar. A static web page you host, running code only in the browser, can be a secure decryption tool. – Z.T. Mar 30 '15 at 22:23

3 Answers

1

You could send the mails in standard S/MIME format, which would allow recipients to use a plugin for their mail client of choice to read the encrypted parts without too much hassle. I know for a fact that there are Thunderbird plugins, and I'm pretty sure Outlook has native support for S/MIME.

You can create these mails with the openssl command line tool: https://www.openssl.org/docs/apps/smime.html

Tim Lamballais
  • Hi! Not an option. The email format is not under my control. The mail is plain text with the encrypted UserID blob in base64 format and an attachment with the same data in binary format. Hence the need for a utility that does what I've asked for – JJarava Mar 30 '15 at 22:20
1

It sounds like what you are looking for is a solution where the encrypted text and the private key can be copied and pasted into an application that will perform the decryption. Ideally, you would like a solution that does not require anything to be installed on the users' systems.

You might want to check out Travis Tidwell's JavaScript RSA implementation. See http://travistidwell.com/blog/2013/02/15/a-better-library-for-javascript-asymmetrical-rsa-encryption/. You could simply cook up a web page, hosted on a web server, that uses his 'jsencrypt' library, with a simple form with text areas for the user to copy and paste the encrypted text and the private key (similar to the demo on the above page). This would allow the decryption to be done locally (by way of JavaScript) on the user's system, without having to install anything on the user's system.

mti2935
  • This is precisely the type of usage pattern I'm looking for! A standalone exe would be preferable, as deploying a web site requires standing up a server, but I guess worst case we can use a local html file -- and the browser is a familiar environment for the users!! Great tip!! – JJarava Mar 31 '15 at 10:53
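
A decryption core for the kind of local HTML page discussed in the answer and comment above, as an added example that is not part of the original posts and is not the jsencrypt library's code. It uses the browser's built-in WebCrypto API and assumes the sender encrypts with RSA-OAEP and SHA-256 and that the operators hold an unencrypted PKCS#8 PEM key; WebCrypto offers no PKCS#1 v1.5 decryption, so ciphertext produced with that padding needs a library instead. All function names are hypothetical.

```javascript
// Added example (not from the original posts). Assumptions: RSA-OAEP with
// SHA-256 and an unencrypted PKCS#8 PEM key; all function names are hypothetical.
// Browsers expose crypto.subtle directly; the fallback is only for older Node.
const subtle = (globalThis.crypto ?? require("node:crypto").webcrypto).subtle;
const OAEP = { name: "RSA-OAEP", hash: "SHA-256" };

const toB64 = (bytes) => btoa(String.fromCharCode(...bytes));
function b64ToBytes(b64) {
  // Pasted text often carries line breaks; atob() throws on invalid base64.
  return Uint8Array.from(atob(b64.replace(/\s+/g, "")), (c) => c.charCodeAt(0));
}

async function importPrivateKeyPem(pem) {
  const m = /-----BEGIN PRIVATE KEY-----([\s\S]+?)-----END PRIVATE KEY-----/.exec(pem);
  if (!m) throw new Error("Expected an unencrypted PKCS#8 PEM key");
  // extractable = false: the imported key cannot be exported again by script.
  return subtle.importKey("pkcs8", b64ToBytes(m[1]), OAEP, false, ["decrypt"]);
}

// blob: base64 string from the mail body, or the attachment as a Uint8Array.
async function decryptBlob(pem, blob) {
  const key = await importPrivateKeyPem(pem);
  const ct = typeof blob === "string" ? b64ToBytes(blob) : blob;
  // Rejects with OperationError on a wrong key or altered ciphertext.
  const plain = await subtle.decrypt({ name: "RSA-OAEP" }, key, ct);
  return new TextDecoder("utf-8", { fatal: true }).decode(plain);
}

// Round trip with a throwaway key pair and a constructed sample record.
async function selfTest(sample = "UserID: 4711 (constructed sample)") {
  const pair = await subtle.generateKey(
    { ...OAEP, modulusLength: 2048, publicExponent: new Uint8Array([1, 0, 1]) },
    true, ["encrypt", "decrypt"]);
  const der = new Uint8Array(await subtle.exportKey("pkcs8", pair.privateKey));
  const pem = `-----BEGIN PRIVATE KEY-----\n${toB64(der)}\n-----END PRIVATE KEY-----`;
  const ct = new Uint8Array(await subtle.encrypt(
    { name: "RSA-OAEP" }, pair.publicKey, new TextEncoder().encode(sample)));
  const fromText = await decryptBlob(pem, toB64(ct));
  const fromAttachment = await decryptBlob(pem, ct);
  return { fromText, fromAttachment };
}
```
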
-1

I agree with the above answer. S/MIME is a protocol for secure email. I would like to add that it is well supported in Outlook as well if that is a concern. And even in Outlook Web Access.

If you're in an Exchange environment you can set it up for OWA as follows:

As an organization administrator for both Exchange 2013 and Exchange Online, you can set up Outlook Web App to allow sending and receiving S/MIME-protected messages. Use the SMIMEConfig cmdlet to manage this feature through the Exchange Management Shell interface. For more information such as a detailed description of parameters and examples for get-SMIMEConfig and set-SMIMEConfig, see the Get-SmimeConfig and Set-SmimeConfig documentation. You can only use the Shell to perform this procedure. To learn how to open the Shell in your on-premises Exchange organization, see Open the Shell. To learn how to use Windows PowerShell to connect to Exchange Online, see Connect to Exchange Online using remote PowerShell.

Source https://technet.microsoft.com/en-us/library/dn626160(v=exchg.150).aspx

For additional information you may like to visit: https://technet.microsoft.com/en-us/library/dn626158(v=exchg.150).aspx

Devon Holcombe
  • Hi! As mentioned on another answer, the email format is not under my control. The content is plain text and only one piece of data is encrypted - that which I need to help the call center to get access to. – JJarava Mar 30 '15 at 22:22