Am going through forum posts looking for RSA OAEP, to announce that we added RSA OAEP in the recent wolfSSL release version 3.9.0. Example code using it can be found in the function rsa_test() located in the file wolfcrypt/test/test.c.

Regards,
Jacob

Correct, for the RsaPublicEncrypt() function, wolfSSL currently uses PKCS #1 v1.5 padding from RFC 2313 (http://tools.ietf.org/html/rfc2313).  We haven't added support for RSA-OAEP padding as of this point.  Do you need OAEP padding or are you able to use RsaPublicEncrypt() with PKCS #1 v1.5 padding?

Traditionally we have offered the OpenSSL compatibility layer for those people porting applications from OpenSSL over to wolfSSL - allowing them to keep many of the same functions in their application code.  The compatibility layer contains about 300 of the most commonly used OpenSSL functions.  As there are over 4,000 OpenSSL functions, this layer does slowly grow as additional projects use it while porting over from OpenSSL to wolfSSL.

Best Regards,
Chris

Hi Frank,

What's your overall gaol that you are trying to accomplish in your application regarding RSA keys?  There may be an easier way to accomplish it using the wolfSSL API.

I'm porting my code from openssl to wolfSSL due to the bloated size of openssl static library.
The application is heavily dependent on multiple ciphers.

In this case i will first use  wolfSSL_KeyPemToDer() to convert the key to der format, then use RsaPublicKeyDecode() to convert it into a rsa key.

Great, that is exactly what i need.

There is a new issue that i discovered today.
wolfSSL_RSA_public_encrypt() is actually not implemented. The implementation simply void the parameters and return a failure code.
I could use RsaPublicEncrypt() but I have no means of using RSA_PKCS1_OAEP_PADDING padding.

Do you have any suggest on this for me?

Thank you alot for your time.

The compatibility layer of the ssl portion is almost a 100% job done. really excellent.
But when it comes to the area of crypto, there is really a lot of work to be done.

What's your overall goal that you are trying to accomplish in your application regarding RSA keys?  There may be an easier way to accomplish it using the wolfSSL API.

The input key to RsaPublicKeyDecode() needs to be in DER format, correct.  wolfSSL embedded SSL does provide a function called CyaSSL_KeyPemToDer() to convert a PEM-encoded key to DER format.  You can also use the OpenSSL command line tool to easily convert a PEM-encoded RSA key to DER format.  You would do something similar to:

openssl rsa -inform PEM -in mykey.pem -outform DER -out mykey.der

RsaPublicKeyDecode() decodes a public RSA key from DER format into an internal RsaKey structure.

If wolfSSL is compiled with key generation (--enable-keygen or define WOLFSSL_KEY_GEN), wolfSSL provides the RsaKeyToDer() function which will convert an internal RsaKey to a DER-encoded buffer.  Is this similar to what you are looking for?

Best Regards,
Chris

DECODING PUBLIC KEY
--------------
I am also of the impression that RsaPublicKeyDecode() in wolfSSL embedded SSL can be be a replacement for PEM_read_bio_RSAPublicKey() or d2i_RSAPublicKey() in openssl without any issues since wolfSSL provides openssl compatibility layer for only private key rsa private key operations

ENCODING PUBLIC KEY
-----------------------------
I couldn't find any function in wolfSSL for encoding public keys.
Is there any wolfSSL alternative for openssl i2d_RSAPublicKey()