Hi Ken,
Ken Goldman wrote:
> Could you be a bit more specific? 7.1.1 doesn't give any examples, and combines padding with encryption in a way that's hard to separate.
> How can the 'from' length be modulus-1? In my case, I'm receiving a 256 byte value. I decrypt with the private key, and still have a 256 byte value. I then have to remove the padding to get the 20 byte hash.

From 7.1.1:
...
1. Apply the EME-OAEP encoding operation (Section 9.1.1.1) to the message M and the encoding parameters P to produce an encoded message EM of length k-1 octets: EM = EME-OAEP-ENCODE (M, P, k-1).
...
The important part here is "... of length k-1" (where k is the length, in octets, of the modulus). The first byte of the decrypted data is 0x00, which OpenSSL (as it uses bignums for the mathematical operations) automatically removes => the length of the decoded octet string is modulus length - 1.

> In my example below, I skipped the encrypt/decrypt step for simplicity. How would I modify it to make openssl happy?

Increase the modulus length parameter.

> Finally, the only example I found (in ./crypto/engine/hw_sureware.c:891) has this code:
> ret=RSA_padding_check_PKCS1_OAEP( to,tlen, (unsigned char *)buf, tlen,tlen,NULL,0);
> The 4th and 5th parameters are equal. How could that code work?

Does it work (from what I see in rsa_oaep.c it would be rather surprising)?
Cheers, Nils
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [EMAIL PROTECTED]
Automated List Manager                           [EMAIL PROTECTED]
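The length bookkeeping discussed in the message above, as an added Python sketch (not part of the original message and not OpenSSL code): a from-scratch EME-OAEP encode/decode following the quoted 7.1.1 step, where the encoded message is k-1 octets. SHA-1, empty encoding parameters, k = 256 and all function names are assumptions made for the illustration.

```python
import hashlib
import os

HLEN = 20  # SHA-1 output size; the thread's payload is a 20-byte hash

def mgf1(seed, n):
    blocks = (hashlib.sha1(seed + i.to_bytes(4, "big")).digest()
              for i in range((n + HLEN - 1) // HLEN))
    return b"".join(blocks)[:n]

def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def oaep_encode(msg, em_len, params=b""):
    # EME-OAEP-ENCODE(M, P, emLen): the caller passes emLen = k-1
    if len(msg) > em_len - 2 * HLEN - 1:
        raise ValueError("message too long")
    ps = b"\x00" * (em_len - len(msg) - 2 * HLEN - 1)
    db = hashlib.sha1(params).digest() + ps + b"\x01" + msg
    seed = os.urandom(HLEN)
    masked_db = xor(db, mgf1(seed, len(db)))
    masked_seed = xor(seed, mgf1(masked_db, HLEN))
    return masked_seed + masked_db

def oaep_decode(em, em_len, params=b""):
    # Illustration only: not constant-time, which a production decoder must be
    if len(em) > em_len or em_len < 2 * HLEN + 1:
        raise ValueError("decoding error")
    em = em.rjust(em_len, b"\x00")  # put back zeros a bignum conversion dropped
    masked_seed, masked_db = em[:HLEN], em[HLEN:]
    seed = xor(masked_seed, mgf1(masked_db, HLEN))
    db = xor(masked_db, mgf1(seed, len(masked_db)))
    sep = db.find(b"\x01", HLEN)
    if db[:HLEN] != hashlib.sha1(params).digest() or sep < 0 or any(db[HLEN:sep]):
        raise ValueError("decoding error")
    return db[sep + 1:]

def demo(k=256):
    digest = hashlib.sha1(b"constructed sample input").digest()
    block = b"\x00" + oaep_encode(digest, k - 1)  # k-octet raw decrypt result
    trimmed = block.lstrip(b"\x00")               # what the bignum hands back
    try:
        oaep_decode(block, k - 1)                 # all k octets: rejected
        full_ok = True
    except ValueError:
        full_ok = False
    return len(block), full_ok, oaep_decode(trimmed, k - 1) == digest
```

`demo()` shows that the full 256-octet buffer is rejected when the encoded length is k-1, while the same data with its leading zero octets dropped decodes to the 20-byte hash.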
