RSA verify

Hi, I'm looking for a way to check the sender of the message. the Juce does not have the classic features ssl Verify signature.

Is it right to use this method?

    RSAKey private_key("");
    String initial = "Message";
    bi.loadFromMemoryBlock(MemoryBlock(initial.getCharPointer(), initial.length()));


    RSAKey public_key("");

if I see a message means to the sender to check?

You can have a look at

(decryptXML) - but that's not really verification, but decryption.

What you could do for verification is:

Alice: appends private key encrypted hash of message
Bob: "decrypts" hash with public key and compares the result with the hash he computed from the message.

Here's in pseudo-code, what the alogithm might look like:

hmac sign(private_key, message) // return the signature
  hash = sha256(message);
  signature = private_key.encrypt(hash);
  return signature;  

bool verify(public_key, message, hmac)
  my_hash = sha256(message);
  their_hash = public_key.decrypt(hmac);
  return my_hash == their_hash; 

But instead of cooking up such algorithms on your own, I'd recomend to use a library - crypto is just to easy to get wrong.

I had great success with libsodium (
It should be straight forward to create a juce module out of it.



Thanks for the hint, now everything is clear