Ah, I see. :(
It sounds more like a digital signature than encryption as such.
If it is an RSA digital signature then what they do is calculate a SHA1 hash of the contents of the file, and then encrypt that hash value using the private RSA key.
The client will have the public RSA key and can use that to deterrmine if the file was properly signed using tha matching private key. It proves both that the file was not modifed since it was signed, and also that it was signed using the private key that matches the public key in the client.
If that's the case then without the public key you can't re-sign the modifed files. I'm speculating here with no knowledge of what they have actually done but If this *is* what they are using then you're unfortunatly not going to be able to sign the files.
Your only hope would be to modify the client to expect your own key instead but that's not the question you asked.
|