On Wed, Oct 03, 2007 at 10:42:59AM -0500, Md Lazreg wrote: > Private keys do encrypt using the function : > http://www.openssl.org/docs/crypto/RSA_private_encrypt.html
Of course they do, but when a private key encrypts, it is called "signing", because the public key is presumed to be (drum roll...) "public" i.e. not held in confidence exclusively by a single recipient. So encrypting with a private key yields signatures, not confidentiality. > The holder of the private key is me. And it is my application compiled with > my public key that will decrypt whatever I have encrypted with my private > key. My application will behave differently depending on what it finds in > the decrypted information. Are you signing instructions that the application authenticates, and should ignore if not signed by the right key, or sending confidential data for the eyes of the application only? If you are signing, your model is fine, and embedding the public key in the binary is exactly the right thing to do. If you are encrypting, use a symmetric algorithm, the public key algorithm is just confusing you. -- Viktor. ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]