Could you be a bit more specific. 7.1.1 doesn't give any examples,
and combines padding with encryption in a way that's hard to separate.
How can the 'from' length be modulus-1? In my case, I'm receiving a
256 byte value. I decrypt with the private key, and still have a 256
byte value. I then have to remove the padding to get the 20 byte
hash.
In my example below, I skipped the encrypt/decrypt step for
simplicity. How would I modify it to make openssl happy?
Finally, the only example I found (in
./crypto/engine/hw_sureware.c:891) has this code:
ret=RSA_padding_check_PKCS1_OAEP(
to,tlen,
(unsigned char *)buf,
tlen,tlen,NULL,0);
The 4th and 5th parameters are equal. How could that code work?
Nils responded:
> No, the 'from' length is normally the length of the modulus - 1
> (see pkcs1 chapter 7.1.1 etc.).
I wrote:
> I'm trying to understand the 5th parameter to the
> RSA_padding_check_PKCS1_OAEP function. The documentation implies that
> it's the length of the modulus, which I would think is typically the
> same length as the 'from' data.
>
> However, the implementation almost immediately tests that the 5th
> parameter is greater than the 4th parameter.
>
> Here's a very short test case that:
>
> - creates a 20 byte 'hash'
> - adds OAEP padding
> - checks OAEP padding
> - fails
>
> What am I doing wrong?
>
> ~~~~~~~~~~~~~~~~~~~~~~~~~ cut here ~~~~~~~~~~~~~~
>
> #include <stdio.h>
> #include <stdlib.h>
> #include <string.h>
>
> #include <openssl/rsa.h>
> #include <openssl/err.h>
>
> int main(int argc, char **argv)
> {
>
> int rc = 0;
> unsigned char data_in[256];
> unsigned char data_pad[256];
> unsigned char data_out[256];
>
> unsigned long error;
> const char *file;
> int line;
> const char *data;
> int flags;
>
> /* data to pad */
> memset(data_in, 0x55, 256);
> rc = RSA_padding_add_PKCS1_OAEP(data_pad, /* unsigned char *to */
> 256, /* int tlen */
> data_in, /* unsigned char *f */
> 20, /* int fl */
> NULL, /* unsigned char *p */
> 0); /* int pl */
> printf("RSA_padding_add_PKCS1_OAEP rc %d\n", rc);
>
> if (rc == 1) { /* 1 is success, 0 is error */
>
> rc = RSA_padding_check_PKCS1_OAEP(data_out, /* unsigned char *to */
> 256, /* int tlen */
> data_pad, /* unsigned char *f */
> 256, /* int fl */
> 256, /* int rsa_len */
> NULL, /* unsigned char *p */
> 0); /* int pl */
> /* -1 is error */
> printf("RSA_padding_check_PKCS1_OAEP rc %d\n", rc);
> error = ERR_get_error_line_data(&file, &line, &data, &flags);
> printf("error %08lx file %s line %d data %s flags %08x\n",
> error, file, line, data, flags);
> }
> return EXIT_SUCCESS;
> }
--
Ken Goldman [EMAIL PROTECTED] 914-784-7646
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
