Thank you, Matt for your quick reply. I have additional questions: I looked both links below:
https://www.openssl.org/docs/crypto/EVP_PKEY_encrypt.html https://www.openssl.org/docs/crypto/EVP_PKEY_decrypt.html One for encryption, one for decryption, however, example code in the links are the same, which can not be true. I have the following code segment: ERR_load_crypto_strings(); pkey = EVP_PKEY_new(); rc = EVP_PKEY_assign_RSA(pkey, rsaKey); if (rc) { ctx = EVP_PKEY_CTX_new(pkey); if (!ctx) { rc = -1; } rc = EVP_PKEY_CTX_set_signature_md(ctx, md); if (rc == 1) rc = EVP_PKEY_encrypt_init(ctx); if (rc == 1) rc = EVP_PKEY_CTX_set_rsa_padding(ctx, pad); if (rc == 1) rc = EVP_PKEY_encrypt(ctx, out, &outlen, in, inlen) <= 0) } EVP_PKEY_CTX_free(ctx); EVP_PKEY_free(pkey); This code should perform similar function as EVP_Sign... except padding part. Is it correct? Thanks Helen ________________________________ From: Matt Caswell <fr...@baggins.org> To: openssl-users@openssl.org Sent: Tuesday, January 21, 2014 1:35 PM Subject: Re: RSA_public_decrypt(), and RSA_private_encrypt() On 21 January 2014 15:44, HelenH Zhang <helen...@yahoo.com> wrote: > Dear experts: > > We want to be able to specify padding. > RSA_PKCS1_PADDING or RSA_NO_PADDING. > > I would like to use EVP API instead of RSA_Public_decrypt(), and > RSA_Private_encrypt(). > Which API should I use? > > I am currently using EVP_SignInit()/Update/Final() to do rsa sign, and > EVP_VerifyInit/Update/Final to do rsa verify. > > Thanks in advance for any suggestion. > Helen > Padding can be set using EVP_PKEY_CTX_set_rsa_padding. See: https://www.openssl.org/docs/crypto/EVP_PKEY_CTX_ctrl.html Matt ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org