On Fri, Apr 14, 2006, Marek Marcola wrote: > Hello, > > just a side note: > > > > RSA private keys can be used to encrypt data that can be decrypted > > with the public key. > > > > RSA public keys can be used to encrypt data that can be decrypted with > > the private key. > Thats true, "signing" is technically nothing else as encrypting some > data (md hash) with private key. Where "verifying" is decrypting > some data with public key (with added memcmp() magic :-).
That is true for RSA but not for other algorithms BTW... Well actually is isn't completely true for RSA either, PSS mode doesn't work like that. > Command "openssl" can not encrypt with private key because is written > in this way, not because it is not possible. The rsautl utility can do this using the -sign and -verify options. In rsautl "verify" does a public decrypt and writes the result rather than a memcmp and a Yes/No answer. Steve. -- Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage OpenSSL project core developer and freelance consultant. Funding needed! Details on homepage. Homepage: http://www.drh-consultancy.demon.co.uk ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [email protected] Automated List Manager [EMAIL PROTECTED]
