I'm writing a client application that needs to verify some content
from a server. I've generated an RSA key pair: the private key for the
server and the public key for the client.
I also would like the data to be encrypted, so I'm trying to use
EVP_OpenInit on the receiving end to do my decryption. I'm reading a
public key in from DER format in memory (using d2i_PUBKEY), which is
working fine for signature verification. However, the key in memory is
only a public key (by design), and OpenSSL seems to be expecting a
private key to be in the EVP_PKEY I send to EVP_OpenInit.
How can I get OpenSSL to look at the public key in the EVP_PKEY and
use it? From what I know of RSA, there's no reason this public key
can't be used in a role a private key normally would be. I'd rather
not have to create a second key pair, which seems redundant.
I know it's not that hard to extract the key from the client
executable, but I'm more concerned about eavesdropping third parties
who will not have access to the client executable.
--
Jeremy R.
NovaWave Solutions
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majord...@openssl.org