Question

I just need a public-key encryption scheme that I can use to encrypt parameters being sent by an iPhone app to PHP on a server. I can't use GnuPG because of its license.

The requirements are that the app on the phone be able to communicate with the server without the user entering any credentials. My goal here is to prevent examination of the parameters in the URL and abuse of our system through spoofing. Thus all copies of our app in the wild can look like the same user for purposes of encryption.

I haven't been planning to use HTTPS, because (if I'm not mistaken) it needs sessions or certificates and it seems excessive (but let me know if not); I just need to encrypt and decrypt the parameter portion of the URL.

Since the data to encrypt with an RSA public key must be shorter than the key, the standard procedure is to generate a symmetric private key, encrypt that with the public key, encrypt the data with the generated private key, and then send the generated private key and the encrypted data to the server. It looks like I have most of what I need to encrypt the generated key (except RSA_size() crashes in the process). But I don't know how to specify and set up the encoding of the bulk data with Blowfish or some other algorithm supported by PHP.

Thanks for any insight.

No correct solution
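
The hybrid scheme the question describes (a one-time symmetric key wrapped with the RSA public key, the bulk data encrypted under that symmetric key), as an added example that is not part of the original post. It assumes PHP 7.1+ with the openssl extension and uses RSA-OAEP with AES-256-GCM rather than Blowfish; the function names, the dot-separated token layout and the sample parameters are made up for the illustration, and the sealing side is written in PHP only so the script runs on its own.

```php
<?php
// Added example. seal_params() stands in for the app; open_params() is the server.
function b64url_encode(string $bin): string {
    return rtrim(strtr(base64_encode($bin), '+/', '-_'), '=');
}

function b64url_decode(string $txt) {                 // string, or false on bad input
    $txt .= str_repeat('=', (4 - strlen($txt) % 4) % 4);
    return base64_decode(strtr($txt, '-_', '+/'), true);
}

function seal_params(string $query, $publicKey): string {
    $key = random_bytes(32);                          // one-time AES-256 key
    $iv  = random_bytes(12);                          // 96-bit GCM nonce
    if (!openssl_public_encrypt($key, $wrapped, $publicKey, OPENSSL_PKCS1_OAEP_PADDING)) {
        throw new RuntimeException('RSA key wrap failed');
    }
    // The wrapped key is passed as AAD so it cannot be swapped for another one.
    $ct = openssl_encrypt($query, 'aes-256-gcm', $key, OPENSSL_RAW_DATA, $iv, $tag, $wrapped);
    if ($ct === false) {
        throw new RuntimeException('AES-GCM encryption failed');
    }
    return implode('.', array_map('b64url_encode', [$wrapped, $iv, $ct, $tag]));
}

function open_params(string $token, $privateKey): ?string {
    $parts = array_map('b64url_decode', explode('.', $token));
    if (count($parts) !== 4 || in_array(false, $parts, true)) {
        return null;
    }
    [$wrapped, $iv, $ct, $tag] = $parts;
    if (strlen($iv) !== 12 || strlen($tag) !== 16
        || !openssl_private_decrypt($wrapped, $key, $privateKey, OPENSSL_PKCS1_OAEP_PADDING)
        || strlen($key) !== 32) {
        return null;
    }
    $pt = openssl_decrypt($ct, 'aes-256-gcm', $key, OPENSSL_RAW_DATA, $iv, $tag, $wrapped);
    return $pt === false ? null : $pt;                // false means the GCM tag did not verify
}

// Key pair generated inline so the script runs offline; the app would embed only $pub.
$pair  = openssl_pkey_new(['private_key_bits' => 2048, 'private_key_type' => OPENSSL_KEYTYPE_RSA]);
$pub   = openssl_pkey_get_details($pair)['key'];
$token = seal_params('user=42&action=sync', $pub);    // constructed sample parameters
var_dump(open_params($token, $pair));

$p = explode('.', $token);
$p[2][0] = $p[2][0] === 'A' ? 'B' : 'A';              // alter one ciphertext character
var_dump(open_params(implode('.', $p), $pair));       // the altered token must not decrypt
```

Encrypting to a public key that ships in every copy of the app hides the parameters in transit, but it does not authenticate the sender: anyone who extracts that public key can produce a token the server will accept.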

Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow