I need to encrypt data with asymmetric key. Not sure whether PolarSSL (v1.2) has common API for this. The key in certificate can be RSA or DHM (or EC) and I expect to have universal API like "init/encrypt/decrypt/free" without separate calls to rsa_encrypt, dh_encrypt, etc.
Asked
Active
Viewed 184 times
1 Answers
1
There is no common API for the 1.2 branch. There is also no elliptic curve support in the 1.2 branch. The 1.2 branch has been in maintenance mode for quite a while now.
For a generic layer with PolarSSL / mbed TLS you should switch to a recent version.
Just for clarification: Although DHM has to do with asymmetric encryption, it is a key exchange method, not an encryption algorithm. There is not really a thing as a DHM key in a certificate.
Paul
- 1,337
- 11
- 11
-
DHM is used to exchange the symmetric key (e.g. AES) for the real encryption. But the same role has RSA... Or there is difference in DHM? I have to encrypt some data with X.509 cert and hope can do this with PolarSSL (1.2). Because it is not sure what will be the X.509 cert - RSA or DHM, I want to support both. – i486 Apr 15 '15 at 08:00
-
PS: In my test certs I see "Public key: RSA". I suppose it is also possible to have DHM public key or not? – i486 Apr 15 '15 at 08:10
-
No... You can have RSA, or Elliptic Curve keys in there.. DHM does not use a key. Although RSA/ECC is often used to secure the DHM exchange itself.. – Paul Apr 15 '15 at 11:14
-
I created a certificate with public key of type DSA (with Xca soft). Is it RSA public key, DH or some universal public key? – i486 Apr 15 '15 at 12:03