On 10/19/2007 5:35 AM, [EMAIL PROTECTED] wrote:
> I am currently trying to convert from OpenSSL to NSS (seemed like a good
> idea at the time). The code that I currently have an issue with is
> essentially ...
>
> key=RSA_new();
> if (key) {
> key->n=BN_bin2bn(IssPubKey,IssPubKeyLgth,NULL);
> key->e=BN_bin2bn(PubKeyExponent->value,PubKeyExponent->lgth,NULL);
> decrypt_lgth=RSA_public_decrypt(lgth, value, (unsigned char
> *)recovered, key, RSA_NO_PADDING);
> }
> RSA_free(key);
>
>
> but the key is a public key.
>
>
> I originally though that function PK11_PubDecryptRaw would provide the
> same outcome (having encoded and imported the key - see NSS tech note #7)
> but now realise that it only uses a private key (the normal way of doing
> things) and cannot be used with a public key. I cannot find any other
> function that will do this - so, is there a function that I haven't
> spotted yet or am I completely wrong with this approach? !
>
>
> Any help or ideas greatly appreciated.
>
Here, X.509 keys are used very much like OpenPGP keys. Public keys
encrypt; private keys decrypt. See my
<http://www.rossde.com/PGP/pgp_encrypt.html#basic>.
By the way, your signature should have the "-- " (dash-dash-space) on a
line of its own. This is per Section 4.3 of RFC 3676.
--
David E. Ross
<http://www.rossde.com/>
Natural foods can be harmful: Look at all the
people who die of natural causes.
_______________________________________________
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto
