How to decrypt data using RSA public key?

let me introduce my problem, i have some *.crt file, which contains DER encoded x509 version 3 certificate. Using ASN1 DER(libtomcrypt) i decrypt data and save it to some structure called x509v3. I have some message M, encrypted signature of M -> S(RSA encrypted), and public 开发者_如何学Ckey -> P which is located inside x509 certificate(subject public key field). First i must decrypt S using public key P, but problem is that i can't find any api which will do this?

I looked for libtomcrypt but seems there is no api which takes public key( which is unsigned char * ) and encrypted data (also unsigned char *) and gives the decrypted data( unsigned char *).

Thanks for help! p.s. sorry for my english;)

You are one of the countless victims of an historical sloppy presentation of signatures, which has created and still creates massive amounts of confusion.

What you have is a signature and you want to verify it. There exist several signature algorithms, and one of them is called "RSA" because it looks similar to an asymmetric encryption algorithm also called similar. A very rough description of RSA signatures is that "you encrypt with the private key" (i.e. taking the encryption algorithm in the "reverse" direction), which is why signatures are often described like this... except that it does not really work like this. Asymmetric encryption with RSA implies a mathematical operation (modular exponentiation) at its core, but also a "padding" which is very important for security; RSA signatures also imply a padding, but a quite distinct one.

So you really should not think about signatures as a kind of encryption. This will just confuse you.

In libtomcrypt, the RSA signature verification function is called rsa_verify_hash().