Dr. Stephen Henson wrote:
You can't because that isn't what the operation is doing. If you perform an
"encrypt" operation with RSA it is encrypting the data using a *public* key.
It accepts a private key but only uses the public key portion of it.
That's what the decrypt operation fails: it needs a private key.
Ok, now I understand. Thanks for the answer.
It seems a bit odd to do what you are suggesting. Symmetric keys are normally
secret and doing that would make it readable to anyone with access to the
public key.
If you really want to do that then you probably want the sign/verify
operations instead which call RSA_private_encrypt() and RSA_public_decrypt().
What I want to do is the following: I want to restrict use of software
by specifying limits such as number of CPU's and validity until a
certain date. This data will be put in an .xml file. But, I want to be
able to make sure that the software has to use a Smartcard (with public
and private key) to check the integrity of this .xml file so nobody can
alter it, but I *also* want to make sure that the .xml file was made and
certified by the company that owns the software.
The easy solution would be to just use certificates and use the validity
periods therein. I could use the company's CA cert and store the
software user's cert in the smartcard. However, this would imply having
to update the smartcard every time they pay license fees and this is not
what desirable. So I just want to use public/private keys, no
certificates for this.
Steve.
Kind regards,
Simon de Hartog
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [email protected]
Automated List Manager [EMAIL PROTECTED]
