Integer at the beginning of the buffer

AM_RSA_CRT_DECRYPT

AM_RSA_CRT_ENCRYPT_BLIND

AI_RSAPrivateBSAFE1

integer at the beginning of the buffer.

Algorithm methods to include in application’s algorithm chooser:

AM_RSA_CRT_ENCRYPT or AM_RSA_CRT_ENCRYPT_BLIND for encryption, or AM_RSA_CRT_DECRYPT or AM_RSA_CRT_DECRYPT_BLIND for decryption.

and AM_RSA_CRT_DECRYPT_BLIND perform blinding to

protect against timing attacks, whereas AM_RSA_CRT_ENCRYPT and do not.

Key info types for keyObject in B_EncryptInit or B_DecryptInit:

KI_RSA_CRT, KI_PKCS_RSAPrivate, KI_PKCS_RSAPrivateBER, or KI_RSAPrivateBSAFE1.

Input constraints:

In raw mode, the total number of input bytes must be a multiple of the key’s modulus size in bytes. Also, each modulus-size block of input, interpreted as an integer with the most significant byte first, must be numerically less than the key’s modulus.

Output considerations:

In pad mode and in pad with checksum mode, the output can be as large as one block greater than the number of input blocks, where each block is the size of the key’s modulus size in bytes. For instance, given a 512-bit (64-byte) key and input of 64 bytes or less (one block), the output can be either 64 or 128 bytes long. With input of more than 64 bytes but less than or equal to 128 (two blocks), the output can be either 128 or 192 bytes long.

C h a p t e r 2 A l g o r i t h m I n f o Ty p e s

213

RSA Security 5 manual Integer at the beginning of the buffer

Models: 5

integer at the beginning of the buffer.

Input constraints:

Output considerations: