Hi all, this week I was working on a cryptography project. I was a bit confused
about a lot of the openssl commands, especially the role of encrypt vs. sign. So I'm sharing
what I learned; I hope it helps you too.

I realized that encrypting is done using the public key, not the private key.
Super weird at first, but it makes sense. Everyone has our public key, but no one has our private
key. To decrypt it, one needs the private key.

Signing, on the other hand, uses the private key to write the message signature. People use the public
key to verify that it was actually signed with the private key associated with that public key. Therefore,
we can trust that the message was generated by the right person. Signing is like hashing in that you cannot
reverse it to the original data. It is for verification purposes only.
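
Both directions side by side with the openssl CLI, as an added example (not from the original post). The file names and the message text are constructed, and a throwaway 2048-bit RSA key is generated in a temp directory.

```sh
#!/bin/sh
# Added example: file names and message text are constructed for illustration.
set -eu
WORK=$(mktemp -d)
trap 'rm -rf "$WORK"' EXIT

make_keys() {  # priv.pem stays with the owner; only pub.pem is shared
    openssl genpkey -algorithm RSA -pkeyopt rsa_keygen_bits:2048 \
        -out "$WORK/priv.pem" 2>/dev/null
    openssl pkey -in "$WORK/priv.pem" -pubout -out "$WORK/pub.pem"
}

# Encrypt: anyone holding the PUBLIC key can do this. RSA only fits short
# inputs (roughly 200 bytes for a 2048-bit key with OAEP padding).
encrypt_for_owner() {  # $1 = plaintext file, $2 = ciphertext file
    openssl pkeyutl -encrypt -pubin -inkey "$WORK/pub.pem" \
        -pkeyopt rsa_padding_mode:oaep -in "$1" -out "$2"
}

# Decrypt: only the holder of the PRIVATE key can do this.
decrypt_as_owner() {  # $1 = ciphertext file, $2 = recovered plaintext file
    openssl pkeyutl -decrypt -inkey "$WORK/priv.pem" \
        -pkeyopt rsa_padding_mode:oaep -in "$1" -out "$2"
}

# Sign: hash the message with SHA-256, then sign the hash with the PRIVATE key.
sign_as_owner() {  # $1 = message file, $2 = signature file
    openssl dgst -sha256 -sign "$WORK/priv.pem" -out "$2" "$1"
}

# Verify: needs only the PUBLIC key; returns 0 only if the signature matches.
verify_with_public() {  # $1 = message file, $2 = signature file
    openssl dgst -sha256 -verify "$WORK/pub.pem" -signature "$2" "$1" >/dev/null 2>&1
}

make_keys
printf 'wire 100 to account 42\n' > "$WORK/msg.txt"
encrypt_for_owner "$WORK/msg.txt" "$WORK/msg.enc"
decrypt_as_owner "$WORK/msg.enc" "$WORK/msg.dec"
cmp -s "$WORK/msg.txt" "$WORK/msg.dec" && echo "decrypted with private key: matches original"
sign_as_owner "$WORK/msg.txt" "$WORK/msg.sig"
verify_with_public "$WORK/msg.txt" "$WORK/msg.sig" && echo "signature verifies with public key"
printf 'wire 900 to account 42\n' > "$WORK/tampered.txt"
if verify_with_public "$WORK/tampered.txt" "$WORK/msg.sig"; then
    echo "unexpected: tampered message verified"
else
    echo "tampered message rejected"
fi
```

The signature file does not contain the message, so the message still has to be sent alongside it; the signature only lets the receiver check it.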