Naming of methods in RSA_METHOD
Rafael Ferrer
eureka6676 at gmail.com
Sun Mar 1 07:51:00 UTC 2020
So I went back to this and I think the problem is we are forced to
create a RSA_private_encrypt function even if all we want to do is sign.
https://github.com/openssl/openssl/blob/master/crypto/rsa/rsa_pmeth.c#L184
That branch gets hit on doing a TLS connection but not on creating a
certificate. Ideally, shouldn't RSA_PKCS1_PSS_PADDING (and the other
padding mode) also be handled by the RSA_sign of the engine
implementation? I mean it is inside a function called pkey_rsa_sign.
Though the RSA_sign function signature doesn't seem to allow specifying
the padding.
More information about the openssl-users
mailing list