Naming of methods in RSA_METHOD

Rafael Ferrer eureka6676 at gmail.com
Sun Mar 1 07:51:00 UTC 2020


So I went back to this and I think the problem is we are forced to 
create a RSA_private_encrypt function even if all we want to do is sign.

https://github.com/openssl/openssl/blob/master/crypto/rsa/rsa_pmeth.c#L184

That branch gets hit on doing a TLS connection but not on creating a 
certificate. Ideally, shouldn't RSA_PKCS1_PSS_PADDING (and the other 
padding mode) also be handled by the RSA_sign of the engine 
implementation? I mean it is inside a function called pkey_rsa_sign. 
Though the RSA_sign function signature doesn't seem to allow specifying 
the padding.



More information about the openssl-users mailing list