Logan, I'm fairly new to cryptography but I think I can answer your question. I'm assuming you're talking about RSA, though what I say here probably applies to other public-key cryptographic algorithms, too.
What you're describing sounds like the "signing" functionality of RSA. Signing enables the owner of a key pair to vouch for a file. Signing doesn't encrypt the file; it merely proves that it came from the owner of the key pair and wasn't tampered with in transit. And indeed, the act of signing is (roughly) as you describe -- encryption of a digest of the file with the private key. Verification of the signature is done through decryption with the public key of the encrypted digest, then verifying that the digest matches the one corresponding to the file. It's a little more detailed than that in practice, but that's the general idea. This is why you can't find EncryptPrivate() and DecryptPublic(); those functions are more likely to be called Sign() and Verify() in an RSA package, because that's what they're used for. If you're trying to allow your software to verify that license files were created only by you or your company, then this is indeed a classic use of signing. The best direct attack I can think of against this is to replace the public key in the product with the attacker's key; then he can create a working license key for himself. (Of course, it would be much simpler just to disable the key-checking code entirely.) Adding to my uselessness, I'm not too familiar with Crypto++'s API; however, wherever the RSA encryption/decryption functions are, there are sure to be signing/verification functions. Look for those and you'll probably get what you want. Good luck. Mike Tsao ----- Original Message ----- From: Logan Dugenoux To: [EMAIL PROTECTED] Sent: Wednesday, October 15, 2003 3:31 PM Subject: encrypt data with PRIVATE key Hi, I would like to encrypt data with PRIVATE key and decrypt it with PUBLIC key. Crypto++ samples are encrypting with PUBLIC key and decryping with PRIVATE key... The aim is to send license file to users, and they can only decode it, with public key but not create new ones.... I've found sone info at http://www.mail-archive.com/[EMAIL PROTECTED]/msg00754.html but I don't understand at all, the posted code dosent works, ... If you could help... I'm writing a helper to do this operation I can post it once it's finished but for now i'm stuck ! thanks ! Logan
