[openssl-users] How can I generate an RSA Public Key with OAEP padding?

Socrates lists-sa at protonmail.com
Thu Jul 28 06:33:51 UTC 2016


Even though I have used openssl or ssh-keygen for years to generate key pairs mainly for SSH purposes, I don't know much about the underlying theory and finer details of cryptography.

I want to use JSON Web Encryption (JWE) and there we have this concept of Key Encryption. Key Encryption can be done using RSAES-PKCS1-v1_5 or RSA-OAEP or RSA-OAEP-256 (c.f. https://tools.ietf.org/html/rfc7518#section-4.2 and https://tools.ietf.org/html/rfc7518#section-4.3).

The question is how can I use openssl command line tool to create a public key using RSAES-PKCS1-v1_5, RSA-OAEP, or RSA-OAEP-256 (paddings?)?

At the moment, I use the following command to create a PEM file:

openssl genrsa -out example.pem 2048

Then I use the following command to extract the public key:

openssl rsa -in example.pem -pubout example.pub

What padding is used for this public key? How can I specify that I want it to be generated with RSAES-PKCS1-v1_5, RSA-OAEP, or RSA-OAEP-256 paddings?

Thanks in advance,
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20160728/2ee78a33/attachment.html>

More information about the openssl-users mailing list