On Thu, Jun 10, 2010 at 03:55:40PM -0700, David Schwartz wrote:

> > Hannes Schuller wrote:
> >
> > > I'm very puzzled here. Why do you sign the reply and then sign a hash
> > > of the signature? You say "Message encryption successful", but that's
> > > a signature you're doing, not an encryption.
> >
> > I was under the impression that RSA_private_encrypt and
> > RSA_public_encrypt do nothing but encrypt the given payload. The
> > (non-quoted) code before this ensures the reply is shorter than the
> > regular message digest length.
>
> So yes, RSA_private_encrypt performs the RSA primitive operation known as
> "encryption". But it doesn't actually encrypt anything in the sense of
> concealing contents so that only a desired party can access them. (Because
> anyone with the public key can reverse the operation.)
That's right, but in this scenario, the public key isn't supposed to be public. As I said, I can't say I'm particularly proud of this whole setup, but you've given me a fair warning which I accept.

Thanks for your help!

Hannes

______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    openssl-users@openssl.org
Automated List Manager                           majord...@openssl.org
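As an added illustration of David's point (not code from the thread or from OpenSSL), textbook RSA with a constructed toy key: the "private encrypt" primitive that OpenSSL exposes as RSA_private_encrypt is undone by anyone holding the modulus and public exponent, which is exactly why it is a signature and not encryption.

```python
import math

# Constructed toy key for illustration only: the factors are Mersenne primes,
# far too small for real use. Added example, not from the thread.
P, Q = 2**31 - 1, 2**61 - 1
N = P * Q
E = 65537
PHI = (P - 1) * (Q - 1)
assert math.gcd(E, PHI) == 1
D = pow(E, -1, PHI)          # private exponent (Python 3.8+)
MAX_BYTES = (N.bit_length() + 7) // 8 - 1   # keep the reply below the modulus


def rsa_private_encrypt(reply: bytes) -> int:
    """Unpadded equivalent of RSA_private_encrypt: m^d mod n.

    Only the private-key holder can produce this value; that is the
    signing primitive, not a confidentiality operation.
    """
    if len(reply) > MAX_BYTES:
        raise ValueError("reply must be shorter than the modulus")
    m = int.from_bytes(reply, "big")
    return pow(m, D, N)


def rsa_public_decrypt(s: int) -> bytes:
    """Unpadded equivalent of RSA_public_decrypt: s^e mod n.

    Anyone who holds (n, e) recovers the reply, so the output of
    rsa_private_encrypt is readable by every holder of the public key.
    """
    m = pow(s, E, N)
    # Leading zero bytes of the original reply are not recoverable without
    # padding or a length field; acceptable for this illustration.
    return m.to_bytes((m.bit_length() + 7) // 8, "big")


def verify(s: int, expected_reply: bytes) -> bool:
    """What 'public decrypt' really is: signature verification."""
    return rsa_public_decrypt(s) == expected_reply


if __name__ == "__main__":
    sig = rsa_private_encrypt(b"ACK 42")
    print("recovered by any public-key holder:", rsa_public_decrypt(sig))
    print("verifies as a signature:", verify(sig, b"ACK 42"))
```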