I thought this patch could give the ability to handle an OAEP label with
the openssl(1) pkeyutl command, and encryption works fine, but decryption fails.
----------------------------------------------------------------------
openssl genrsa -out rsakey.pem
echo "abcd" | openssl pkeyutl -encrypt -inkey rsakey.pem \
-pkeyopt rsa_padding_mode:oaep -pkeyopt rsa_oaep_label:0011223344556677 \
-out rsaoaep.enc
openssl pkeyutl -decrypt -inkey rsakey.pem \
-pkeyopt rsa_padding_mode:oaep -pkeyopt rsa_oaep_label:0011223344556677 \
-in rsaoaep.enc
----------------------------------------------------------------------
The last command fails with this message:
----------------------------------------------------------------------
Public Key operation error
2798804220048:error:04FFF079:rsa routines:CRYPTO_internal:oaep decoding error:rsa/rsa_oaep.c:215:
----------------------------------------------------------------------
These commands had succeeded with OpenSSL 1.0.2.
RSA_padding_check_PKCS1_OAEP_mgf1() appears to cause this.

On Wed, Sep 04, 2019 at 06:41:21AM +0300, Stefan Strogin wrote:
> Provide methods: EVP_PKEY_CTX_{g,s}et_rsa_oaep_md,
> EVP_PKEY_CTX_{g,s}et0_rsa_oaep_label.
>
> Based on Stephen Henson's patches for OpenSSL 1.1.0:
> https://github.com/openssl/openssl/commit/271fef0ef39a1c0cb5233a5adf3ff8733abb375e
> https://github.com/openssl/openssl/commit/211a14f6279f127f7a5a59948819bd939131b0b6
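
For reference on what the label does during OAEP decoding, here is an added example that is not part of this thread, the patch, or any library's code: EME-OAEP encoding and decoding per RFC 8017 using only the Python standard library, showing that decoding succeeds only when both sides supply the same label. The function names, the use of SHA-1, and the 256-byte (2048-bit) modulus length are assumptions of the example; the RSA operation itself is left out.

```python
import hashlib
import hmac
import os

HASH = hashlib.sha1  # assumption: SHA-1 for both the label hash and MGF1
HLEN = HASH().digest_size

def mgf1(seed, length):
    """MGF1 mask generation (RFC 8017, B.2.1)."""
    blocks = (HASH(seed + i.to_bytes(4, "big")).digest()
              for i in range(-(-length // HLEN)))
    return b"".join(blocks)[:length]

def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def oaep_encode(msg, k, label=b""):
    """EME-OAEP encoding: returns the k-byte block that RSA would encrypt."""
    if len(msg) > k - 2 * HLEN - 2:
        raise ValueError("message too long")
    lhash = HASH(label).digest()  # the label enters only through its hash
    db = lhash + b"\x00" * (k - len(msg) - 2 * HLEN - 2) + b"\x01" + msg
    seed = os.urandom(HLEN)
    masked_db = xor(db, mgf1(seed, len(db)))
    masked_seed = xor(seed, mgf1(masked_db, HLEN))
    return b"\x00" + masked_seed + masked_db

def oaep_decode(em, label=b""):
    """EME-OAEP decoding: every failure raises the same ValueError."""
    masked_seed, masked_db = em[1:1 + HLEN], em[1 + HLEN:]
    seed = xor(masked_seed, mgf1(masked_db, HLEN))
    db = xor(masked_db, mgf1(seed, len(masked_db)))
    lhash_ok = hmac.compare_digest(db[:HLEN], HASH(label).digest())
    rest = db[HLEN:].lstrip(b"\x00")  # not constant-time; illustration only
    if em[:1] != b"\x00" or not lhash_ok or rest[:1] != b"\x01":
        raise ValueError("oaep decoding error")
    return rest[1:]

def demo():
    label = bytes.fromhex("0011223344556677")  # label from the commands above
    em = oaep_encode(b"abcd\n", 256, label)    # constructed input, k = 256 assumed
    try:
        wrong = oaep_decode(em, b"")           # decoder never given the label
    except ValueError as exc:
        wrong = str(exc)
    return oaep_decode(em, label), wrong

if __name__ == "__main__": print(demo())
```

A decoder that ignores or mis-parses the supplied label fails at the lHash comparison, which is indistinguishable from any other padding failure by design.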