[openssl-users] Using random bytes only in openssl_encrypt versus real private key

Viktor Dukhovni openssl-users at dukhovni.org
Sun Sep 2 22:57:11 UTC 2018

> On Sep 2, 2018, at 6:51 PM, Jim Dutton <randomnoise058 at gmail.com> wrote:
> It is interesting to note that the openssl_private_encrypt function appears
> to require a "true" private key and either expects or defaults to RSA.

Not surprising, given the name and brief documentation.

> In both cases neither PHP-OpenSSL nor OpenSSL documentation make these
> distinctions between the two "encrypt" functions.

Private key encryption is a low-level primitive that is fragile in
non-expert hands.  Avoid if you're not steeped in cryptographic
lore.  Use a higher-level protocol that makes use of such primitives


More information about the openssl-users mailing list