AI_PKCS_OAEP_RSAPrivateBER
--This identifier means that P is an empty string, so the digest
--of the empty string appears in the RSA block before masking.
pSpecifiedEmptyIdentifier ::= AlgorithmIdentifier {
}
Format of info supplied to B_GetAlgorithmInfo:
pointer to an ITEM structure that gives the address and length of the
Crypto-C procedures to use with algorithm object:
The following procedures perform OAEP padding with encryption:
B_DecryptInit, B_DecryptUpdate, and B_DecryptFinal. You may pass
(B_ALGORITHM_OBJ)NULL_PTR for the randomAlgorithm argument in B_DecryptUpdate and B_DecryptFinal.
Algorithm methods to include in application's algorithm chooser:
AM_RSA_CRT_DECRYPT or AM_RSA_CRT_DECRYPT_BLIND for decryption.
AM_RSA_CRT_DECRYPT_BLIND performs blinding to protect against timing attacks, whereas AM_RSA_CRT_DECRYPT does not. AM_SHA is required for the default pSource digest function. It is also required for MGF1 as underlying algorithm.
Key info types for keyObject in B_EncryptInit or B_DecryptInit:
KI_RSA_CRT, KI_PKCS_RSAPrivate, or KI_PKCS_RSAPrivateBER.
Compatible representation:
AI_PKCS_OAEP_RSAPrivate.
Output considerations:
The output of decryption will be the same size as the original message.
C h a p t e r 2 A l g o r i t h m I n f o Ty p e s | 147 |