Hi all, I happened upon an inconsistency in the openssl command line tool. I think it's a bug, but I wanted to ask the list before filing a report.
OAEP is a supported RSA padding mode on the pkeyutl command. However, there's a typo in how it's implemented on the command line. OAEP requires the constant "oeap" instead of "oaep." The docs say "oaep," but that doesn't work as below -- "oeap" does though:

[ted@ted crypto]$ openssl pkeyutl -encrypt -in secrets.txt -pubin -inkey my.pubkey -out secrets.enc -pkeyopt rsa_padding_mode:oeap
[ted@ted crypto]$ openssl pkeyutl -encrypt -in secrets.txt -pubin -inkey my.pubkey -out secrets.enc -pkeyopt rsa_padding_mode:oaep
parameter setting error
140399722927944:error:04090076:rsa routines:PKEY_RSA_CTRL_STR:unknown padding type:rsa_pmeth.c:485:
[ted@ted crypto]$

It appears that the typo comes from rsa_pmeth.c on line 612. The switch of the method pkey_rsa_ctrl_str (595-654) uses the input value "oeap" for OAEP, rather than "oaep" as it's called and the docs suggest.

For backwards compatibility, it seems both "oeap" and "oaep" should be supported and added to that switch, and perhaps the pkeyutl page should be updated to mention the typo for those stuck on an old version. I spent a while wondering why this didn't work until I looked at rsa_pmeth.c!

I'm happy to file a bug report for this if appropriate -- please let me know if so.

Thanks,
Ted
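
A portable check for the behaviour reported above, added here as an example (it is not part of the original message or of OpenSSL): it makes a throwaway RSA key and reports which spelling of the padding mode the local openssl build accepts. `OPENSSL`, `probe_oaep_spelling` and `oaep_mode` are names chosen for this example.

```shell
#!/bin/sh
# Added example; OPENSSL, probe_oaep_spelling and oaep_mode are names made up here.
OPENSSL="${OPENSSL:-openssl}"   # binary under test, overridable

# Print the padding-mode spellings this build accepts ("oaep", "oeap", or both).
# Returns 1 if neither is accepted, 2 if the throwaway key could not be made.
probe_oaep_spelling() {
    tmp=$(mktemp -d) || return 2
    accepted=""
    # Throwaway key pair and plaintext, constructed only for this probe.
    "$OPENSSL" genrsa -out "$tmp/key.pem" 2048 >/dev/null 2>&1 &&
    "$OPENSSL" rsa -in "$tmp/key.pem" -pubout -out "$tmp/pub.pem" >/dev/null 2>&1 ||
        { rm -rf "$tmp"; return 2; }
    printf 'probe\n' > "$tmp/msg.txt"
    for mode in oaep oeap; do
        # Same invocation as in the post, with only the spelling varied.
        if "$OPENSSL" pkeyutl -encrypt -in "$tmp/msg.txt" -pubin \
               -inkey "$tmp/pub.pem" -out "$tmp/msg.$mode" \
               -pkeyopt "rsa_padding_mode:$mode" >/dev/null 2>&1; then
            accepted="$accepted $mode"
        fi
    done
    rm -rf "$tmp"
    echo "${accepted# }"
    [ -n "$accepted" ]
}

# Print the one spelling a script should pass: the documented "oaep" when the
# build accepts it, otherwise the "oeap" spelling found in rsa_pmeth.c.
oaep_mode() {
    set -- $(probe_oaep_spelling)
    [ $# -gt 0 ] && echo "$1"
}

# Run the probe only when asked, so the file can also be sourced.
if [ "${1:-}" = "--probe" ]; then
    probe_oaep_spelling
fi
```

A script that has to run against several OpenSSL versions can then pass `-pkeyopt "rsa_padding_mode:$(oaep_mode)"` instead of hard-coding either spelling.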