On Wed, Jun 30, 2004, Kent Yoder wrote:

> Hi,
> 
>       I need to set the OAEP padding parameter for some data I need to
> encrypt/decrypt in order to send to another entity who uses this parameter.
> It appears that inside OpenSSL, the parameter is hard coded to NULL.
> (crypto/rsa/rsa_eay.c:124 in 0.9.7d).
>       Would OpenSSL accept a patch to allow the setting of this parameter?  One 
> possible solution would be to create a padding char* and length in the RSA 
> object, allow the app to set that, and pass it in inside 
> RSA_eay_public_encrypt().  If this is the preferred way, I'd be glad to write 
> up a patch and submit.
> 

The RSA structure isn't really appropriate for this purpose since it's supposed
to be the keying material which may be shared amongst several threads.

If it was passed in the RSA there could be race conditions with shared keys.

There should be a way to pass additional parameters to the RSA_*() operations
in the same way that this can be done with symmetric ciphers but this isn't
currently possible and has various complications associated with it.

This will be needed in future because OAEP may well be used with additional
digests or possibly alternative MGFs and additional parameters will be needed
for PSS too.

Steve.
--
Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage
OpenSSL project core developer and freelance consultant.
Funding needed! Details on homepage.
Homepage: http://www.drh-consultancy.demon.co.uk
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
Development Mailing List                       [EMAIL PROTECTED]
Automated List Manager                           [EMAIL PROTECTED]
