Archived Forum Post
Index of archived forum posts
Question:
Archived Forum PostQuestion:
Hi,
I'm still using visua lfoxpro and i'm trying your examples. One of them particularly interest me (rsa crypting and decrypting string) and it is said you can crypt with the public key and decrypt with the private key but you only use the private key ? Is there a reason??
I want to use private key for crypting and use the public key for decrypting. Is that possible??
Is it possible to decrypt directly from a signature with a public key??
Thank you in advance for your answers
Regards
Jean-Pierre SENET
An RSA signature does not contain the original data, so you cannot really decrypt from it. You can use the public key to verify that what is claimed to be the original data has not changed, and also that only the owner of the private key could've created the signature.
The Chilkat RSA API does allow for you to encrypt using the private key. You'll notice there is a "usePrivateKey" argument in each of the Encrypt/Decrypt methods. In general, it makes no sense to encrypt with the private key and decrypt with the public key -- except that it's essentially a way to "sign" the data. Given that anybody with access to the public key can decrypt, it's not a means for securing/hiding the data from the public. But you can use it as a means for knowing that the data originated from the owner of the private key.
Also, and this is important: RSA can only encrypt/decrypt very small amounts of data (on the order of 100 bytes). This is not the case for RSA signatures -- where the data is always hashed first using a hash algorithm such as SHA1, SHA256, MD5, etc. and then the hash is signed.
What you may be thinking about is using an RSA key to create an opaque PKCS7 signature, where the PKCS7 structure contains both the original data and the signature. This is done using a digital certificate with an associated RSA key. The Chilkat Crypt2 API can be used to do this. In essence, this likely best fits what you're trying to achieve. You would use Crypt2.OpaqueSignStringENC or one of the other OpaqueSign* methods. I'll try to create some examples linked from the online reference documentation.
hello and thank you for your answer.
In fact we want to use RSA Signature because we have been asked by the french tax office to sign all the transactions in our software (POS) and we have to give them a public key so they can chack the data in the shops and see if the data have been changed.We have to sign files too.
The request is key 2048 bits Algorithm for signature RSA or ECC Algorithm for hashing sha 256 or SH512 Data to be encoded in Base64url.
Hi,
Sorry to ask all theses questions but i a new to rsa,cryption and so on.
Here is what i want to achieve.
Generate public and Private key (2048) which i thing i have done right below is my code
an 8192-bit key. lnSuccess = loRsa.GenerateKey(2048) IF (lnSuccess <> 1) THEN WAIT WINDOW (loRsa.LastErrorText) RELEASE loRsa CANCEL ENDIF
Keys are exported in XML format: lcPublicKey = loRsa.ExportPublicKey() clepublique = lcPublicKey lcPrivateKey = loRsa.ExportPrivateKey() cleprivee = lcPrivateKey SET SAFETY off STRTOFILE(clepublique,"c:pressingclepublique.txt") STRTOFILE(cleprivee,"c:pressingcleprivee.txt")
Then hash a string whith the code below
Import the private key into the RSA component: lnSuccess = loRsa.ImportPrivateKey(cleprivee) IF (lnSuccess <> 1) THEN WAIT window( loRsa.LastErrorText) RELEASE loPkey RELEASE loRsa CANCEL ENDIF loRsa.EncodingMode = "base64url"
If some other non-Chilkat software is going to verify
lcStrData = thisform.text1.value \ the string to be hashed lnUsePrivateKey = 0
then sign a hashed string so that it can be compared with the original string to see if this one has been changed.(with the public key that we have given to the tax people)
here is what i coded but doesn't seem to be right
loRsa.EncodingMode = "base64url"
lcStrData = thisform.text1.value \