On Wed, Sep 07, 2016, Daniel Knoppel wrote:

> Dear all,
>
> I was wondering about two things:
>
> 1. Can the EVP_Seal*() functions be told to use RSA_PKCS1_OAEP_PADDING,
> or do I need to stick with the lower level RSA_public_encrypt()?
>
> From the source code it seems to me that RSA_PKCS1_PADDING is hardcoded
> because EVP_SealInit() [1] calls EVP_PKEY_encrypt_old() [2], which in
> turn has the line with hardcoded padding:
>
> ret = RSA_public_encrypt(key_len, key, ek, EVP_PKEY_get0_RSA(pubk),
> RSA_PKCS1_PADDING);
>

EVP_Seal*() is an old function hard coded to use RSA_PKCS1_PADDING as you've
observed.

You don't need to use the low level RSA_public_encrypt() function for OAEP.
Instead use the EVP_PKEY APIs EVP_PKEY_encrypt() and EVP_PKEY_decrypt() with
the padding mode modified and appropriate parameters set.

Steve.
--
Dr Stephen N. Henson. OpenSSL project core developer.
Commercial tech support now available see: http://www.openssl.org