AI_RSAPublicBSAFE1

integer at the beginning of the buffer.

Algorithm methods to include in application’s algorithm chooser:

AM_RSA_ENCRYPT for encryption or AM_RSA_DECRYPT for decryption.

Key info types for keyObject in B_EncryptInit or B_DecryptInit:

KI_RSAPublic, KI_RSAPublicBER, or KI_RSAPublicBSAFE1.

Input constraints:

In raw mode, the total number of input bytes must be a multiple of the key’s modulus size in bytes. Also, each modulus-size block of input, interpreted as an integer with the most significant byte first, must be numerically less than the key’s modulus.

Output considerations:

In pad mode and in pad with checksum mode, the output can be as large as one block greater than the number of input blocks, where each block is the size of the key’s modulus size in bytes. For instance, given a 512-bit (64-byte) key and input of 64 bytes or less (one block), the output can be either 64 or 128 bytes long. With input of more than 64 bytes but less than or equal to 128 (two blocks), the output can be either 128 or 192 bytes long.

C h a p t e r 2 A l g o r i t h m I n f o Ty p e s

217

Page 227
Image 227
RSA Security 5 manual A p t e r 2 a l g o r i t h m I n f o Ty p e s 217