Hi Makejian,

 

I am terribly sorry, but that is not supported anymore.

 

To achieve that, you would need to swap the public and the private exponents in the RSA context, then remove the CRT coefficients. All these fields in the RSA context are private. That is, you would need to enable MBEDTLS_ALLOW_PRIVATE_ACCES and even if you manage to make it work like this, it is not guaranteed that it will keep working in later versions.

 

Best regards,

Janos

(Mbed TLS developer)

 

From: ¿Ë¼á Âí via mbed-tls <mbed-tls@lists.trustedfirmware.org>
Date: Tuesday, 24 October 2023 at 13:22
To: mbed-tls@lists.trustedfirmware.org <mbed-tls@lists.trustedfirmware.org>
Subject: [mbed-tls] Re: How can I encrypt with a private key?

hi Janos,
Thanks for your reply!

Due to application vendor restrictions, I need to use the public key to decrypt data encrypted with the private key from the server.

I use 'mbedtls_rsa_check_privkey' to check whether it is a private key and decide to  decrypt with private key or public key, which can temporarily solve this problem.

But there is a problem that I cannot use the public key to encrypt when I have the private key. 

So do you have any good suggestions for supporting both encryption and decryption with private key and public key?

Thanks again and looking forward to your reply!

Best regards,
makejian
--
mbed-tls mailing list -- mbed-tls@lists.trustedfirmware.org
To unsubscribe send an email to mbed-tls-leave@lists.trustedfirmware.org