System Considerations In Crypto-C

This applies to PKCS #1 v1.5 block 02 padding. SET OAEP or PKCS #12 OAEP have different requirements. Refer to the RSA BSAFE Crypto-C Reference Manual for the corresponding algorithm information type (AI) to obtain more information.

For raw RSA encryption and decryption, the application must divide the encryption or decryption input into blocks. Each block must have the same number of bits as the RSA modulus and, when interpreted as an integer with the most significant byte first, must be numerically less than the modulus. In addition, the size of the total input must be a multiple of the size of the modulus. That is, if the modulus is k bits long, each block of input must be k bits long, and the total input must be a multiple of k bits.

For example, if the modulus is 768 bits (96 bytes) long, the input must be divided into blocks of 96 bytes, and the total input must be a multiple of 96 bytes. See “Raw RSA Encryption and Decryption” on page 231 for more information on how to pass data properly.

The output of raw RSA encryption and decryption is the same size as the input.

In general, there should be no need for raw RSA encryption or decryption. We do not recommend using raw RSA encryption and decryption unless you are familiar with the issues involved.
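The block constraints above can be checked before any data reaches the library. The following is an added example, not code from the guide or from Crypto-C: the names raw_rsa_check_input and be_less_than and the return codes are hypothetical, it makes no Crypto-C calls, and it assumes the modulus is supplied as exactly k/8 bytes, most significant byte first.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical names and return codes; this is not part of Crypto-C. */
enum raw_rsa_check { RAW_OK = 0, RAW_BAD_LENGTH = 1, RAW_BLOCK_TOO_LARGE = 2 };

/* Returns 1 if big-endian a < b (both len bytes). Every byte is scanned with
   no early exit, so timing does not reveal where the values first differ. */
static int be_less_than(const unsigned char *a, const unsigned char *b,
                        size_t len)
{
    uint32_t lt = 0, eq = 1;
    size_t i;
    for (i = 0; i < len; i++) {
        uint32_t x = a[i], y = b[i];
        lt |= eq & ((x - y) >> 31);   /* x < y at the first differing byte */
        eq &= ((x ^ y) - 1) >> 31;    /* stays 1 only while bytes match */
    }
    return (int)lt;
}

/* Total input must be a non-empty multiple of the modulus size, and each
   modulus-sized block must be numerically less than the modulus. */
int raw_rsa_check_input(const unsigned char *modulus, size_t modLen,
                        const unsigned char *input, size_t inputLen)
{
    size_t off;
    int ok = 1;
    if (modLen == 0 || inputLen == 0 || inputLen % modLen != 0)
        return RAW_BAD_LENGTH;
    for (off = 0; off < inputLen; off += modLen)
        ok &= be_less_than(input + off, modulus, modLen);
    return ok ? RAW_OK : RAW_BLOCK_TOO_LARGE;
}

int main(void)
{
    unsigned char n[96], in[192];  /* constructed 768-bit sample, not a key */
    memset(n, 0xC3, sizeof n);
    memset(in, 0x11, sizeof in);
    printf("two valid blocks: %d\n", raw_rsa_check_input(n, 96, in, 192));
    in[96] = 0xC4;                 /* second block now exceeds the modulus */
    printf("oversized block:  %d\n", raw_rsa_check_input(n, 96, in, 192));
    printf("95-byte input:    %d\n", raw_rsa_check_input(n, 96, in, 95));
    return 0;
}
```

A block equal to the modulus is rejected as well, since the requirement is strictly less than.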

General Considerations

In general, Crypto-C has mechanisms to keep you aware of input constraints and output considerations. If your input does not meet these constraints, Crypto-C will return an error message.

For output, Crypto-C requires that you pass the size of the output buffer. In this way, Crypto-C will determine whether there is enough space available before trying to store output. If your buffer is not big enough, Crypto-C will return an error.

Most important of all, when it comes to output, Crypto-C tells you how many bytes it placed into the output buffer. That argument is unsigned int *partOutLen in the Update and Final function prototypes. Pass an address to an unsigned int and Crypto-C will go to that address and drop a value there. That value is the number of bytes Crypto-C placed into the output buffer. After the call to Crypto-C, you can look at that value to determine how many bytes were processed. It may not be the same number as the input length. It might be more; it might be less. It may even be zero.


RSA BSAFE Crypto-C Developer’s Guide

RSA Security 5.2.2 manual General Considerations