PKCS#1 padding type 1 pads with 0xff bytes, and padding type 2 pads with
random data (terminated with a 0x00 byte). You probably observed that
RSA_eay_public_encrypt uses padding type 2 (random data), though
RSA_eay_private_encrypt uses padding type 1. Since "RSA encryption"
typically means encrypting with a public key (not a private key as in your
case), then this implementation does use random padding bytes. You're
encrypting with a private key which is not usually done other than for a
signing operation. I'm guessing that RSA_eay_private_encrypt uses padding
type 1 since this function isn't intended for encrypting data, just signing
it, because data that can be decrypted with a "public" key isn't really
secure.

Steven
--
Steven Reddie <[EMAIL PROTECTED]>
Senior Software Engineer
Computer Associates Pty Ltd (Australia)

> -----Original Message-----
> From: Jan Zoellner [SMTP:[EMAIL PROTECTED]]
> Sent: Friday, February 16, 2001 12:13 AM
> To: [EMAIL PROTECTED]
> Subject: Re: RSA Encrypt/Decrypt fails
>
> I reimplemented the whole thing to be padded with random data (which are
> discarded upon decryption). PKCS#1 padding is worse than that, if I
> interpret the source correctly.
>
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
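
Added example (not part of the original thread and not OpenSSL's code): the two PKCS#1 v1.5 block layouts discussed above, 00 || BT || PS || 00 || data, built and parsed in Python. It covers only the block formatting, not the RSA operation itself; the names pad, unpad and demo, the 64-byte block size and the sample message are assumptions made for illustration.

```python
import secrets

MIN_PS = 8  # PKCS#1 v1.5 requires at least 8 padding bytes


def pad(data: bytes, k: int, block_type: int) -> bytes:
    """Build the k-byte block 00 || BT || PS || 00 || data."""
    ps_len = k - 3 - len(data)
    if ps_len < MIN_PS:
        raise ValueError("data too long for modulus size")
    if block_type == 1:
        # Type 1 (private-key operation, i.e. signing): fixed 0xff filler.
        ps = b"\xff" * ps_len
    elif block_type == 2:
        # Type 2 (public-key encryption): random filler; every byte must be
        # nonzero so the 0x00 terminator stays unambiguous.
        ps = bytes(secrets.randbelow(255) + 1 for _ in range(ps_len))
    else:
        raise ValueError("unsupported block type")
    return b"\x00" + bytes([block_type]) + ps + b"\x00" + data


def unpad(block: bytes, k: int) -> tuple[int, bytes]:
    """Validate a k-byte block and return (block_type, data)."""
    if len(block) != k or block[0] != 0 or block[1] not in (1, 2):
        raise ValueError("bad block header")
    sep = block.find(b"\x00", 2)
    if sep < 0 or sep - 2 < MIN_PS:
        raise ValueError("missing terminator or padding too short")
    ps = block[2:sep]
    if block[1] == 1 and ps != b"\xff" * len(ps):
        raise ValueError("type 1 padding must be all 0xff")
    return block[1], block[sep + 1:]


def demo(k: int = 64, msg: bytes = b"constructed sample") -> dict:
    t1a, t1b = pad(msg, k, 1), pad(msg, k, 1)
    t2a, t2b = pad(msg, k, 2), pad(msg, k, 2)
    return {
        "type1_repeatable": t1a == t1b,   # same input, same block
        "type2_repeatable": t2a == t2b,   # random filler differs per call
        "roundtrip": unpad(t1a, k) == (1, msg) and unpad(t2a, k) == (2, msg),
    }


if __name__ == "__main__":
    print(demo())
```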