AM_RSA_CRT_DECRYPT
AM_RSA_CRT_ENCRYPT_BLIND

AI_PKCS_RSAPrivateBER

Algorithm methods to include in application’s algorithm chooser:

AM_RSA_CRT_ENCRYPT or AM_RSA_CRT_ENCRYPT_BLIND for encryption, or AM_RSA_CRT_DECRYPT or AM_RSA_CRT_DECRYPT_BLIND for decryption.

and AM_RSA_CRT_DECRYPT_BLIND perform blinding to

protect against timing attacks, whereas AM_RSA_CRT_ENCRYPT and do not.

Key info types for keyObject in B_EncryptInit or B_DecryptInit:

KI_RSA_CRT, KI_PKCS_RSAPrivate, KI_PKCS_RSAPrivateBER, or KI_RSAPrivateBSAFE1.

Compatible representation:

AI_PKCS_RSAPrivate, AI_PKCS_RSAPrivatePEM.

Input constraints:

The total number of bytes to encrypt may not be more than k – 11, where k is the key’s modulus size in bytes.

Output considerations:

The output of encryption will be the same size as the key’s modulus.

C h a p t e r 2 A l g o r i t h m I n f o Ty p e s

169

Page 178 Page 180
Page 179
Image 179
RSA Security 5 manual A p t e r 2 a l g o r i t h m I n f o Ty p e s 169
Page 178 Page 180
Top Page Image Contents