Hi,

While implementing my application with RSA, I came across this paper:
https://people.redhat.com/~fweimer/rsa-crt-leaks.pdf

When I implement the RSA private key operation with CRT, should I do the extra
verify operation suggested in the paper (section 1.3), or is this handled
by OpenSSL already? (More specifically in versions 1.0.2, 1.1.0, and 1.1.1)

i.e., when I'm doing an RSA CRT private key operation:
- Is calling RSA_private_encrypt() sufficient?
OR
- Should I call RSA_private_encrypt() to get the cipher text, pass the
cipher text to RSA_public_decrypt() (without using CRT), and return the
cipher text only if decrypt(encrypt(original_text)) matches the original
text?

Thanks
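
The verify-before-release check asked about above, as an added example that is not part of the original message and is not OpenSSL code. It uses a constructed toy key and hypothetical function names (crt_private_op, private_op_checked), with a fault flag that simulates a miscomputed CRT half so the check can be seen rejecting it.

```c
#include <stdint.h>
#include <stdio.h>

/* Constructed toy key (n = 61 * 53, e = 17); far too small for real use. */
static const uint64_t P = 61, Q = 53, N = 3233, E = 17;
/* CRT parameters: d mod (p-1), d mod (q-1), q^-1 mod p, with d = 2753. */
static const uint64_t DP = 53, DQ = 49, QINV = 38;

static uint64_t modpow(uint64_t b, uint64_t e, uint64_t m) {
    uint64_t r = 1;
    for (b %= m; e; e >>= 1, b = b * b % m)
        if (e & 1) r = r * b % m;
    return r;
}

/* Private-key operation with CRT. A nonzero `fault` flips one bit of the
   mod-q half to simulate a miscomputation (hypothetical test hook). */
static uint64_t crt_private_op(uint64_t m, int fault) {
    uint64_t sp = modpow(m, DP, P);
    uint64_t sq = modpow(m, DQ, Q);
    if (fault) sq ^= 1;
    uint64_t h = QINV * ((sp + P - sq % P) % P) % P; /* Garner recombination */
    return sq + Q * h;
}

/* Release the result only if the public-key operation (no CRT) maps it
   back to the input. Returns 1 and sets *out on success, 0 otherwise. */
static int private_op_checked(uint64_t m, int fault, uint64_t *out) {
    uint64_t s = crt_private_op(m, fault);
    if (modpow(s, E, N) != m % N)
        return 0; /* withhold the faulty value */
    *out = s;
    return 1;
}

int main(void) {
    uint64_t s = 0;
    int ok = private_op_checked(2790, 0, &s);
    printf("correct CRT: released=%d value=%llu\n", ok, (unsigned long long)s);
    ok = private_op_checked(2790, 1, &s);
    printf("faulty CRT:  released=%d\n", ok);
    return 0;
}
```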
