Hi, Can you use GPGME instead of OpenSSL? Perhaps it provides a High-Level Crypto API including hybrid encryption.
Yoshiki FUKUBA > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of snacktime > Sent: Sunday, August 27, 2006 3:23 AM > To: openssl-users > Subject: Simple way to use PKI for larger data sets > > I have an application that processes credit cards. It uses a > database to store the data. On a less secure (accepts > outside connections to process requests) server I run a copy > that only has the public key, which it uses to encrypt the > cards after authorization. On another server that doesn't > accept any incoming requests, I run a copy with the private > key that captures the authorizations, decrypting the cards > and sending the batch to the bank. Using rsa this works > great for the cards themselves, but I also want to encrypt > and store the raw transmission data we send for future > auditing/debugging. Since rsa was only designed to encrypt > the key and not the payload this presents a problem (data > larger than key size). I'd rather not make the software any > more complicated then it has to be. I could generate a > random key for each request, encyrpt it, and stick it in the > database with the request, but I was hoping for a simpler > solution. Are there any asymmetric ciphers in openssl that > don't have the same limitation on the amount of data that can > be encrypted? The data still isn't that large, probably 20 > times the key size at most, so I don't think performance > would be an issue, or would it? > ______________________________________________________________________ > OpenSSL Project http://www.openssl.org > User Support Mailing List openssl-users@openssl.org > Automated List Manager [EMAIL PROTECTED] > ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]