Ok, so then, do I still need to sign the data from seal and verify before I open?
~Shaun

-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Goetz Babin-Ebell
Sent: Wednesday, December 03, 2008 2:02 PM
To: openssl-users@openssl.org
Subject: Re: sign/verify kicking my ass

Shaun R. wrote:
| OK, I converted over to EVP_*, the sign/verify works but now I'm
| confused about decrypt, for EVP_DecryptInit I need to tell it a CIPHER
| but I don't see RSA in the cipher listings on
| http://www.openssl.org/docs/crypto/EVP_EncryptInit.html# Looking closer
| at the man page it looks like RSA isn't considered a cipher, what should
| I be using to decrypt RSA messages?

Ahem, I really should read the manuals for the functions I recommend ;-)

EVP_Encrypt_* and EVP_Decrypt_* are for encrypting / decrypting messages with symmetric ciphers.

Using RSA to encrypt / decrypt is a little bit more complicated: You do not use RSA to encrypt/decrypt the message, you encrypt/decrypt your message with a symmetric cipher. But since you need the key for the symmetric cipher at both ends, you usually encrypt this key with RSA so the recipient having the private key can decrypt the RSA block to get the key and afterwards uses this key to decrypt the message.

Naturally you could do all these steps on your own. But fortunately there is already a set of functions that do that for you:

Encrypt: EVP_SealInit, EVP_SealUpdate and EVP_SealFinal
Decrypt: EVP_OpenInit, EVP_OpenUpdate and EVP_OpenFinal

With these you generate a message consisting of at least 3 parts:

* The asymmetric data blob (the session key encrypted with the RSA public key of the recipient)
* The IV
* The data (encrypted with the session key stored in the asymmetric data blob)

It would be a good idea to also add some identifier about the recipient. How you store and transfer this data is up to you.

Alternatively you also could encrypt the data using PKCS#7. There you can use the functions PKCS7_encrypt and PKCS7_decrypt. The disadvantage with these functions is that all your data must fit into the memory of your device. This limit does not apply to all PKCS7 functions: there are PKCS7 functions working on streams, but the setup of these functions is a little bit more complicated...

Goetz

--
DMCA: The greed of the few outweighs the freedom of the many

______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    openssl-users@openssl.org
Automated List Manager                                [EMAIL PROTECTED]
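Added example, not part of the original thread and not OpenSSL code: one way to frame the parts listed in the quoted reply (recipient identifier, RSA-encrypted session key, IV, ciphertext) for storage or transfer, with a parser that rejects truncated or oversized length fields. The wire layout and every name in it (`field`, `sealed_msg`, `sealed_pack`, `sealed_unpack`) are hypothetical.

```c
#include <stdint.h>
#include <string.h>

/* Hypothetical wire layout (an assumption, not an OpenSSL format):
 *   u16 id_len | id | u16 ek_len | ek | u16 iv_len | iv | ciphertext
 * id = recipient identifier, ek = RSA-encrypted session key, iv = cipher IV;
 * lengths are big-endian and the ciphertext runs to the end of the buffer. */
typedef struct { const uint8_t *p; size_t len; } field;
typedef struct { field id, ek, iv, ct; } sealed_msg;

static int put_field(uint8_t *out, size_t cap, size_t *off, field f) {
    if (f.len > 0xFFFF || cap - *off < 2 + f.len) return -1;
    out[(*off)++] = (uint8_t)(f.len >> 8);
    out[(*off)++] = (uint8_t)(f.len & 0xFF);
    memcpy(out + *off, f.p, f.len);
    *off += f.len;
    return 0;
}

/* Serialize; returns bytes written, or 0 if the output buffer is too small. */
size_t sealed_pack(const sealed_msg *m, uint8_t *out, size_t cap) {
    size_t off = 0;
    if (put_field(out, cap, &off, m->id) || put_field(out, cap, &off, m->ek) ||
        put_field(out, cap, &off, m->iv) || cap - off < m->ct.len) return 0;
    memcpy(out + off, m->ct.p, m->ct.len);
    return off + m->ct.len;
}

static int get_field(const uint8_t *in, size_t n, size_t *off, field *f) {
    if (n - *off < 2) return -1;              /* truncated length prefix */
    f->len = ((size_t)in[*off] << 8) | in[*off + 1];
    *off += 2;
    if (n - *off < f->len) return -1;         /* length runs past the buffer */
    f->p = in + *off;
    *off += f->len;
    return 0;
}

/* Parse untrusted input without copying; 0 on success, -1 if malformed. */
int sealed_unpack(const uint8_t *in, size_t n, sealed_msg *m) {
    size_t off = 0;
    if (get_field(in, n, &off, &m->id) || get_field(in, n, &off, &m->ek) ||
        get_field(in, n, &off, &m->iv)) return -1;
    m->ct.p = in + off;
    m->ct.len = n - off;
    return (m->ek.len && m->iv.len) ? 0 : -1; /* key and IV are mandatory */
}
```

The parser checks structure only; it does not authenticate any of the fields it returns.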