1. This function can be used to encrypt a document using an RSA public key (with PKCS1 OAEP as the padding algorithm). Decryption will be done using function RSAprivdecrypt with the help of the corresponding RSA private key.

2. The algorithm used here cannot handle documents larger than (RSAgetkeysize(kfile)/8-41) bytes. Typically, encryption of larger documents will be performed with a symmetric cipher (see crypt I/O driver, Section Driver crypt) using a randomly generated key (that can be produced with sslrandomdata), in which case the asymmetric cipher is used to encrypt only this random key. The decryption then also operates in two steps: the key is first decrypted using RSAprivdecrypt (with a private key) and after this the document can be restored from the decrypted symmetric key.

3. If the key file name does not include an explicit path ( e.g. "somekey"), it is searched for in the default public keys directory located at getparam("ssl_dir")+"/pubkeys" instead of the current working directory. It is required to prefix the key file name with "./" in order to access a key file from the current directory ( e.g. "./somekey").