Well, you can use mbedtls_rsa_export to obtain N, E and D, and then mbedtls_rsa_import with E and D swapped followed by mbedtls_rsa_complete.

But “encrypt with a private key” doesn't actually make sense. Mathematically, it works, because there's a way to make the core RSA operation work the same in both directions. But the resulting construction is unlikely to have any security properties. Calling mbedtls_rsa_pkcs1_encrypt with a private key doesn't actually “encrypt” since anyone can still obtain the plaintext.

Mbed TLS 3.x still provides the functions mbedtls_rsa_public() and mbedtls_rsa_private() if you need some custom RSA-based encoding that is neither a PKCS#1 encryption mechanism nor a PKCS#1 signature mechanism.

Best regards,

--
Gilles Peskine
Mbed TLS developer

On 24/10/2023 15:59, Janos Follath via mbed-tls wrote:

Hi Makejian,

I am terribly sorry, but that is not supported anymore.

To achieve that, you would need to swap the public and the private exponents in the RSA context, then remove the CRT coefficients. All these fields in the RSA context are private. That is, you would need to enable MBEDTLS_ALLOW_PRIVATE_ACCESS, and even if you manage to make it work like this, it is not guaranteed that it will keep working in later versions.

Best regards,

Janos

(Mbed TLS developer)

From: via mbed-tls <mbed-tls@lists.trustedfirmware.org>
Date: Tuesday, 24 October 2023 at 13:22
To: mbed-tls@lists.trustedfirmware.org <mbed-tls@lists.trustedfirmware.org>
Subject: [mbed-tls] Re: How can I encrypt with a private key?

Hi Janos,
Thanks for your reply!

Due to application vendor restrictions, I need to use the public key to decrypt data encrypted with the private key from the server.

I use 'mbedtls_rsa_check_privkey' to check whether it is a private key and decide whether to decrypt with the private key or the public key, which can temporarily solve this problem.

But there is a problem that I cannot use the public key to encrypt when I have the private key.

So do you have any good suggestions for supporting both encryption and decryption with private key and public key?

Thanks again and looking forward to your reply!

Best regards,
makejian
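Added example, not code from the thread or from Mbed TLS: the point in Gilles Peskine's reply that data "encrypted" with the private key can be read by anyone holding the public key, shown with textbook RSA on plain integers. `RsaContext`, `rsa_public`, `rsa_private` and `swap_exponents` are hypothetical stand-ins for the raw RSA operation and the E/D swap, and the key is a constructed toy value.

```python
# Added illustration: textbook RSA on plain integers, not Mbed TLS API calls.
# The key is constructed for the demo (two Mersenne primes): toy-sized, never
# usable for real data.
from dataclasses import dataclass
from typing import Optional

P = 2**89 - 1                        # Mersenne prime
Q = 2**127 - 1                       # Mersenne prime
N = P * Q
E = 65537
D = pow(E, -1, (P - 1) * (Q - 1))    # private exponent (Python 3.8+)


@dataclass(frozen=True)
class RsaContext:
    """Hypothetical stand-in for an RSA context: modulus plus exponents."""
    n: int
    e: int                           # exponent used by the "public" operation
    d: Optional[int] = None          # exponent used by the "private" operation


def rsa_public(ctx, x):
    """Raw operation x^e mod n; needs only the public half of the key."""
    return pow(x, ctx.e, ctx.n)


def rsa_private(ctx, x):
    """Raw operation x^d mod n; needs the private exponent."""
    if ctx.d is None:
        raise ValueError("context holds no private exponent")
    return pow(x, ctx.d, ctx.n)


def swap_exponents(ctx):
    """The E/D swap from the thread: the "public" operation now uses d."""
    return RsaContext(n=ctx.n, e=ctx.d, d=ctx.e)


server = RsaContext(N, E, D)         # holds the full key pair
anyone = RsaContext(N, E)            # holds only the published key
message = int.from_bytes(b"constructed sample", "big")   # must be < N

# "Encrypt with the private key": every holder of (N, E) reads it back.
blob = rsa_private(server, message)
recovered_by_anyone = rsa_public(anyone, blob)

# Public-key encryption: only the holder of d reads it back.
ciphertext = rsa_public(anyone, message)
recovered_by_server = rsa_private(server, ciphertext)
```

Because `recovered_by_anyone` equals `message`, the private-key direction gives no confidentiality; only the public-key direction restricts reading to the key owner.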