5 RSA_public_encrypt, RSA_private_decrypt - RSA public key cryptography
9 #include <openssl/rsa.h>
11 int RSA_public_encrypt(int flen, unsigned char *from,
12 unsigned char *to, RSA *rsa, int padding);
14 int RSA_private_decrypt(int flen, unsigned char *from,
15 unsigned char *to, RSA *rsa, int padding);
19 RSA_public_encrypt() encrypts the B<flen> bytes at B<from> (usually a
20 session key) using the public key B<rsa> and stores the ciphertext in
21 B<to>. B<to> must point to B<RSA_size(rsa)> bytes of memory.
23 B<padding> denotes one of the following modes:
27 =item RSA_PKCS1_PADDING
29 PKCS #1 v1.5 padding. This currently is the most widely used mode.
31 =item RSA_PKCS1_OAEP_PADDING
33 EME-OAEP as defined in PKCS #1 v2.0 with SHA-1, MGF1 and an empty
34 encoding parameter. This mode is recommended for all new applications.
36 =item RSA_SSLV23_PADDING
38 PKCS #1 v1.5 padding with an SSL-specific modification that denotes
39 that the server is SSL3 capable.
43 Raw RSA encryption. This mode should I<only> be used to implement
44 cryptographically sound padding modes in the application code.
45 Encrypting user data directly with RSA is insecure.
49 B<flen> must be less than RSA_size(rsa) - 11 for the PKCS #1 v1.5
50 based padding modes, and less than RSA_size(rsa) - 21 for
51 RSA_PKCS1_OAEP_PADDING. The random number generator must be seeded
52 prior to calling RSA_public_encrypt().
54 RSA_private_decrypt() decrypts the B<flen> bytes at B<from> using the
55 private key B<rsa> and stores the plaintext in B<to>. B<to> must point
56 to a memory section large enough to hold the decrypted data (which is
57 smaller than B<RSA_size(rsa)>). B<padding> is the padding mode that
58 was used to encrypt the data.
62 RSA_public_encrypt() returns the size of the encrypted data (i.e.,
63 RSA_size(rsa)). RSA_private_decrypt() returns the size of the
66 On error, -1 is returned; the error codes can be
67 obtained by L<ERR_get_error(3)|ERR_get_error(3)>.
75 L<err(3)|err(3)>, L<rand(3)|rand(3)>, L<rsa(3)|rsa(3)>, L<RSA_size(3)|RSA_size(3)>
79 The L<RSA_PKCS1_RSAref(3)|RSA_PKCS1_RSAref(3)> method supports only the RSA_PKCS1_PADDING mode.
83 The B<padding> argument was added in SSLeay 0.8. RSA_NO_PADDING is
84 available since SSLeay 0.9.0, OAEP was added in OpenSSL 0.9.2b.