RSA Security 5.2.2 manual Reference Manual entry on AIPKCSRSAPublic states, Input constraints

MultiPrime

info to B_SetAlgorithmInfo as NULL_PTR:

if ((status = B_SetAlgorithmInfo

(rsaEncryptor, AI_PKCS_RSAPublic, NULL_PTR)) != 0) break;

Step 3: Init

You will encrypt using the recipient’s RSA public key. Normally, you would obtain the public key from the recipient or a certificate service. For this exercise, though, you will simply use the public key you generated in “Generating a Key Pair” on page 214. B_EncryptInit is quick, so you are safe in passing NULL_PTR as the surrender context:

if ((status = B_EncryptInit

(rsaEncryptor, publicKey, RSA_SAMPLE_CHOOSER, (A_SURRENDER_CTX *)NULL_PTR)) != 0)

break;

Block 02 padding will be used because we are peforming a public key encryption operation, as specified in PKCS#1 v1.5.

Step 4: Update

The Reference Manual Chapter 2 entry on AI_PKCS_RSAPublic states:

Input constraints:

The total number of bytes to encrypt may not be more than k – 11, where k is the key’s modulus size in bytes.

For this example, the key’s size in bits is 512, which is 64 bytes. So you cannot pass more than 53 bytes. If you were encrypting more than 53 bytes, you could not use AI_PKCS_RSAPublic. If you had more than 53 bytes to encrypt and tried to break it up into smaller units, calling B_EncryptUpdate for each unit, it would not work. That is because PKCS RSA encryption adds padding, and the padding scheme needs at least 11 spare bytes to work. It is intended for digital envelopes and digital signatures, and in those situations, the number of bytes to encrypt is usually eight, 16, or (for BER- encoded digests) 34 or 35. If you want to encrypt larger amounts of data using the RSA algorithm, you must use AI_RSAPublic, also known as raw RSA encryption and decryption. See “Raw RSA Encryption and Decryption” on page 231 for more information.