[openssl-users] EVP_SealInit question

Jakob Bohm jb-openssl at wisemo.com
Tue Aug 16 02:34:09 UTC 2016

There are (generally) 3 kinds of asymmetric cryptographic algorithms:

1. Signature algorithms, such as DSS, ECDSS, Ed255, and 3 modes of the 
RSA algorithm.

2. Key exchange/generation algorithms such as DH, ECDH and SRP.

3. Key encryption algorithms, such as 2 other modes of the RSA algorithm.

EVP_SealInit() is a function to invoke key encryption algorithms with a 
brand new random key.

On 16/08/2016 02:38, Norm Green wrote:
> Sorry, I'm still not quite getting it.
> It sounds like you're saying that only RSA supports encrypting with a 
> public key.  But can't any asymmetric encryption algorithm encrypt 
> using the public key?  Why is RSA special in this regard?
> Norm Green
> On 8/15/2016 5:31 PM, Dr. Stephen Henson wrote:
>> On Mon, Aug 15, 2016, Norm Green wrote:
>>> Ok, thanks.
>>> What I don't understand is what key transport has to do with
>>> EV_SealInit() ?  Why is key transport important here ?
>> Because EVP_SealInit() generates a random symmetric key and encrypts 
>> it using
>> one or more public keys. For this to work the public key algorithm 
>> has to
>> support encryption of the symmetric key using a public key aka key 
>> transport.
>> Of the public key algorithms OpenSSL currently implements only RSA 
>> has that
>> operation.


Jakob Bohm, CIO, Partner, WiseMo A/S.  https://www.wisemo.com
Transformervej 29, 2860 Søborg, Denmark.  Direct +45 31 13 16 10
This public discussion message is non-binding and may contain errors.
WiseMo - Remote Service Management for PCs, Phones and Embedded

More information about the openssl-users mailing list