System Considerations In Crypto-C
128 RSA BSAFE Crypto-C Developers Guide
This applies to PKCS #1 v1.5 block 02 padding. SET OAEP or PKCS #12 OAEP
have different requirements. Refer to the RSA BSAFE Crypto-C Reference Manual
for the corresponding algorithm information type (AI) to obtain more
information.
For raw RSA encryption and decryption, the application must divide the
encryption or decryption input into blocks. Each block must have the same
number of bits as the RSA modulus and, when interpreted as an integer with the
most significant byte first, must be numerically less than the modulus. In
addition, the size of the total input must be a multiple of the size of the modulus.
That is, if the modulus is k bits long, each block of input must be k bits long, and
the total input must be a multiple of k bits.
For example, if the modulus is 768 bits (96 bytes) long, the input must be divided
into blocks of 96 bytes, and the total input must be a multiple of 96 bytes. See
Raw RSA Encryption and Decryption on page 231 for more information on how
to pass data properly.
The output of raw RSA encryption and decryption is the same size as the input.
In general, there should be no need for raw RSA encryption or decryption. We do
not recommend using raw RSA encryption and decryption unless you are
familiar with the issues involved.
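The raw RSA input constraints described above can be checked before any data is handed to the library. The following is an added example, not code from the Crypto-C guide or library: raw_rsa_check_input, its result codes and the sample byte arrays are hypothetical names and constructed values, and the modulus length is assumed to be a whole number of bytes.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Result codes for this added example (hypothetical names, not Crypto-C's). */
enum raw_rsa_check {
    RAW_RSA_OK = 0,
    RAW_RSA_BAD_ARGS,      /* null pointer or zero-length modulus */
    RAW_RSA_BAD_LENGTH,    /* input empty or not a multiple of k bytes */
    RAW_RSA_BLOCK_TOO_BIG  /* a block is numerically >= the modulus */
};

/* Constructed 4-byte sample values; far too small to be a real RSA modulus. */
static const unsigned char sample_n[4]   = { 0xC5, 0x3F, 0x00, 0x01 };
static const unsigned char sample_ok[8]  = { 0, 0, 0, 2, 0xC5, 0x3F, 0, 0 };
static const unsigned char sample_big[8] = { 0, 0, 0, 2, 0xC5, 0x3F, 0, 1 };

/* modulus and input are big-endian; k is the modulus length in bytes.
 * On RAW_RSA_BLOCK_TOO_BIG, *bad_block (if non-NULL) gets the block index. */
enum raw_rsa_check raw_rsa_check_input(const unsigned char *modulus, size_t k,
                                       const unsigned char *input,
                                       size_t input_len, size_t *bad_block)
{
    size_t off;

    if (modulus == NULL || input == NULL || k == 0)
        return RAW_RSA_BAD_ARGS;
    if (input_len == 0 || input_len % k != 0)
        return RAW_RSA_BAD_LENGTH;
    for (off = 0; off < input_len; off += k) {
        /* Equal-length big-endian strings: memcmp order is numeric order.
         * Note that memcmp is not a constant-time comparison. */
        if (memcmp(input + off, modulus, k) >= 0) {
            if (bad_block != NULL)
                *bad_block = off / k;
            return RAW_RSA_BLOCK_TOO_BIG;
        }
    }
    return RAW_RSA_OK;
}

int main(void)
{
    size_t bad = 0;
    enum raw_rsa_check r = raw_rsa_check_input(sample_n, 4, sample_big, 8, &bad);
    printf("ok input:  %d\n", raw_rsa_check_input(sample_n, 4, sample_ok, 8, NULL));
    printf("big input: %d (block %lu)\n", (int)r, (unsigned long)bad);
    return 0;
}
```

The second block of sample_big equals the modulus, so it is rejected: a block must be strictly less than the modulus, not merely the same length.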
General Considerations
In general, Crypto-C has mechanisms to keep you aware of input constraints and
output considerations. If your input does not meet these constraints, Crypto-C will
return an error message.
For output, Crypto-C requires that you pass the size of the output buffer. In this way,
Crypto-C will determine whether there is enough space available before trying to
store output. If your buffer is not big enough, Crypto-C will return an error.
Most important of all, when it comes to output, Crypto-C tells you how many bytes it
placed into the output buffer. That argument is unsigned int *partOutLen in the
Update and Final function prototypes. Pass an address to an unsigned int and
Crypto-C will go to that address and drop a value there. That value is the number of
bytes Crypto-C placed into the output buffer. After the call to Crypto-C, you can look
at that value to determine how many bytes were processed. It may not be the same
number as the input length. It might be more; it might be less. It may even be zero.