Naming of methods in RSA_METHOD

classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|

Naming of methods in RSA_METHOD

Rafael Ferrer
I implemented some custom engines and RSA_meth_set_priv_enc seems to map
to other libraries' RSA decrypt operation (NCryptDecrypt ||||on Windows
CNG, Cipher class with Cipher.DECRYPT_MODE on Android). They can do a
TLS connection just fine with a self-signed cert.


I looked at another custom engine and they seem to also use RSA decrypt for
RSA_meth_set_priv_enc:

https://github.com/tpm2-software/tpm2-tss-engine/blob/master/src/tpm2-tss-engine-rsa.c#L163

BoringSSL's (deprecated) rsa_meth_st only has a sign and a decrypt,
having no encrypt operation:

https://commondatastorage.googleapis.com/chromium-boringssl-docs/rsa.h.html#rsa_meth_st


Is this just a naming quirk? I want to put down the nagging feeling I
have a bug somewhere.

Reply | Threaded
Open this post in threaded view
|

Re: Naming of methods in RSA_METHOD

Thulasi Goriparthi
Operations that a private key can do are decrypt and sign. Similarly, operations that a public key can do are encrypt and verify.

The legacy priv_enc(raw) just refers to raw signing, and is almost same as sign(with proper padding mechanisms). 

It is just a misnomer, as data encrypted with a private key can be decrypted by everyone with the corresponding public key. It is actually a sign operation, that lets everyone verify the signature.

Thanks,
Thulasi.


On Sat, 8 Feb, 2020, 08:17 Rafael Ferrer, <[hidden email]> wrote:
I implemented some custom engines and RSA_meth_set_priv_enc seems to map
to other libraries' RSA decrypt operation (NCryptDecrypt ||||on Windows
CNG, Cipher class with Cipher.DECRYPT_MODE on Android). They can do a
TLS connection just fine with a self-signed cert.


I looked at another custom engine and they seem to also use RSA decrypt for
RSA_meth_set_priv_enc:

https://github.com/tpm2-software/tpm2-tss-engine/blob/master/src/tpm2-tss-engine-rsa.c#L163

BoringSSL's (deprecated) rsa_meth_st only has a sign and a decrypt,
having no encrypt operation:

https://commondatastorage.googleapis.com/chromium-boringssl-docs/rsa.h.html#rsa_meth_st


Is this just a naming quirk? I want to put down the nagging feeling I
have a bug somewhere.