RSA Security 5 manual AIPKCSOAEPRSAPrivateBER

AI_PKCS_OAEP_RSAPrivateBER

AI_PKCS_OAEP_RSAPrivateBER

Purpose:

This AI is similar to AI_PKCS_OAEP_RSAPrivate except that it uses the ASN.1 BER format. This AI allows you to parse and create ASN.1 algorithm identifiers such as those used in PKCS #7 and other protocols. You call B_SetAlgorithmInfo to initialize an algorithm object from the encoded algorithm identifier that includes the hash function, mask generator function, and P source function. You call B_GetAlgorithmInfo with this AI to create an encoded algorithm identifier from an algorithm object that was created using AI_PKCS_OAEP_RSAPrivate or AI_PKCS_OAEP_RSAPrivateBER. The OID for the RSA OAEP encryption, excluding the tag and length bytes, in decimal, is “42, 134, 72, 134, 247, 13, 1, 1, 7”. The OID for the mask function, excluding the tag and length bytes, in decimal, is “42, 134, 72, 134, 247, 13, 1, 1, 8”. The OID for the P source function, excluding the tag and length bytes, in decimal, is “42, 134, 72, 134, 247, 13, 1, 1, 9”. Also see

.

Type of information this allows you to use:

the RSA algorithm for performing private-key decryption with OAEP message padding as defined in PKCS #1 v2.0. When decrypting, this algorithm decodes the data according to the definition of EME-OAEP-Decode as specified in PKCS #1 v2.0.

Format of info supplied to B_SetAlgorithmInfo:

pointer to an ITEM structure that gives the address and length of the BER-encoded algorithm identifier. The encoding is converted to DER before it is copied to the algorithm object. B_SetAlgorithmInfo returns BE_WRONG_ALGORITHM_INFO if the algorithm identifier specifies an algorithm other than RSAES-OAEP Encryption as specified by PKCS #1 v2.0.

The general ASN.1 syntax for RSAES-OAEP is complicated. The simple DER encoding of the default algorithm is given first, followed by the general syntax.