提交 2b40660e 编写于 作者: B Bodo Möller

Add OAEP. Seed the PRNG.

上级 f5882ce7
......@@ -121,6 +121,7 @@ int MAIN(int argc, char **argv)
else if(!strcmp(*argv, "-asn1parse")) asn1parse = 1;
else if(!strcmp(*argv, "-hexdump")) hexdump = 1;
else if(!strcmp(*argv, "-raw")) pad = RSA_NO_PADDING;
else if(!strcmp(*argv, "-oaep")) pad = RSA_PKCS1_OAEP_PADDING;
else if(!strcmp(*argv, "-ssl")) pad = RSA_SSLV23_PADDING;
else if(!strcmp(*argv, "-pkcs")) pad = RSA_PKCS1_PADDING;
else if(!strcmp(*argv, "-sign")) {
......@@ -146,6 +147,9 @@ int MAIN(int argc, char **argv)
goto end;
}
/* FIXME: seed PRNG only if needed */
app_RAND_load_file(NULL, bio_err, 0);
switch(key_type) {
case KEY_PRIVKEY:
pkey = load_key(bio_err, keyfile, keyform, NULL);
......@@ -266,7 +270,8 @@ static void usage()
BIO_printf(bio_err, "-certin input is a certificate carrying an RSA public key\n");
BIO_printf(bio_err, "-ssl use SSL v2 padding\n");
BIO_printf(bio_err, "-raw use no padding\n");
BIO_printf(bio_err, "-pkcs use PKCS#1 padding (default)\n");
BIO_printf(bio_err, "-pkcs use PKCS#1 v.15 padding (default)\n");
BIO_printf(bio_err, "-oaep use PKCS#1 OAEP\n");
BIO_printf(bio_err, "-sign sign with private key\n");
BIO_printf(bio_err, "-verify verify with public key\n");
BIO_printf(bio_err, "-encrypt encrypt with public key\n");
......
......@@ -70,10 +70,12 @@ encrypt the input data using an RSA public key.
decrypt the input data using an RSA private key.
=item B<-pkcs, -ssl, -raw>
=item B<-pkcs, -oaep, -ssl, -raw>
the padding to use, PKCS#1 v1.5 (the default) SSL v2 or no padding
respectively.
the padding to use: PKCS#1 v1.5 (the default), PKCS#1 OAEP,
special padding used in SSL v2 backwards compatible handshakes,
or no padding, respectively.
For signatures, only B<-pkcs> and B<-raw> can be used.
=item B<-hexdump>
......@@ -93,7 +95,7 @@ used to sign or verify small pieces of data.
=head1 EXAMPLES
Sign the some data using a private key:
Sign some data using a private key:
openssl rsautl -sign -in file -inkey key.pem -out sig
......
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册