Ken wrote:
OK, so you are doing a signing operation, not a key exchange or encryption. (The symmetric key only applies to the decryption issue.) In doing crypto, it's important to understand what your high-level goal is before you can apply the appropriate primitives. In this case it sounds like you aren't really making data unreadable, you are simply making sure the data is the correct data (that is, the license is valid).

2008/11/15 Robert Relyea <[EMAIL PROTECTED]>:

NZzi wrote:

Robert Relyea wrote:

NZzi wrote:

hi all:

I want to use private key to encrypt a message, and decrypt with public key.

Are you encrypting data or a symmetric key? Most of the NSS code that does these operations does so on actual symmetric keys (which are then used to do additional encryption/decryption/MACing). In that case they are using PK11_PubWrapSymKey() and PK11_PubUnwrapSymKey().

If I use symmetric key to encrypt a license and use private key to encrypt the symmetric key, other people can have my public key.

Yeah, it's an unfortunate name. The Pub in PubWrapSymKey means 'Public Key Cryptography', not PublicKey. It's really the private key. It was written before we started standardizing on separating Public and Private in the function name.

but I must guarantee the integrity of license and forbid it from regenerating or modifying. No matter what key (public or private) is used to wrap the symkey, if someone hacks the program to get the unwrapped symkey (e.g. from memory), he can modify and regenerate the license to pass the validation. So I just want to use private key to encrypt the license, decrypt and validate it using public key.

Typically you include the data you are signing in the clear along with the signature. The license content can't be a secret, or your scheme is broken (anyone can get it if you 'encrypt' it with your private key). If you just use the RSA encrypt, you are definitely tying yourself to RSA (no possibility of using some other signing algorithm, which requires you to possess knowledge of what it is you are trying to sign before you actually verify). If you are trying to match some existing system, then you are pretty much stuck with RSA anyway, but if you are building this on your own, then consider including the data outside the signature. You'll thank me later ;).

The reason I don't use SGN_*() is I need to recover the content of license. I tried PK11_VerifyRecover(), but got 8192 error, so I'm not sure PK11_VerifyRecover() can recover the content of license signature, signed by PK11_Sign(private_key,...)?

That being said, PK11_VerifyRecover should work. The most likely reasons for it not working include: 1) the public key you decrypt with doesn't match the private key you encrypted with, 2) the signed data is corrupted in some way. What does your code sample look like?
bob
_______________________________________________ dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
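The layout recommended in the reply (license text in the clear, signature carried alongside it) is sketched below as an added example that is not part of the thread and does not use NSS. It is standard-library Python with textbook RSA over a SHA-256 digest; the keys are constructed from Mersenne primes and are trivially factorable, and every name (`make_key`, `issue_license`, `check_license`, the `--SIGNATURE--` separator) is hypothetical.

```python
import hashlib

# Constructed demo keys built from Mersenne primes: trivially factorable,
# for illustration only. Real keys come from a vetted library such as NSS.
E = 65537

def make_key(p, q):
    n = p * q
    return {"n": n, "e": E, "d": pow(E, -1, (p - 1) * (q - 1))}

VENDOR_KEY = make_key(2**521 - 1, 2**607 - 1)
OTHER_KEY = make_key(2**521 - 1, 2**1279 - 1)   # stands in for a mismatched key

def _encode(data, n):
    """SHA-256 digest padded to modulus size (PKCS#1 v1.5 layout, simplified:
    the DigestInfo prefix is omitted)."""
    k = (n.bit_length() + 7) // 8
    digest = hashlib.sha256(data).digest()
    em = b"\x00\x01" + b"\xff" * (k - len(digest) - 3) + b"\x00" + digest
    return int.from_bytes(em, "big")

def issue_license(text, key):
    """Vendor side: license text stays in the clear, signature is appended."""
    sig = pow(_encode(text.encode(), key["n"]), key["d"], key["n"])
    return text + "\n--SIGNATURE--\n" + format(sig, "x")

def check_license(bundle, pub):
    """Client side: needs only n and e. Returns the text if valid, else None."""
    text, sep, sig_hex = bundle.partition("\n--SIGNATURE--\n")
    try:
        sig = int(sig_hex, 16)
    except ValueError:
        return None
    if not sep or not 0 < sig < pub["n"]:
        return None
    ok = pow(sig, pub["e"], pub["n"]) == _encode(text.encode(), pub["n"])
    return text if ok else None
```

Because the client recomputes the digest from the clear text, a modified license or a public key that does not match the signing key both make `check_license` return `None`, the same two failure causes listed in the reply.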