Kenneth Goldman wrote: > What padding are you specifying? I suspect that you are specifying > no padding, in which case the size of the input must be the same > as the size of the key.
No. The input is the same size as the *modulus*. When used in encryption the recommended approach for RSA is to pad every block, and not to encrypt MODULUS-SIZE bytes of plaintext. There are very good reasons for this which will not be obvious to all readers of this thread, but you would want to use OAEP (Optimal Asymmetric Encryption Padding) if you are doing something other than signing (e.g. using RSA for to encrypt a session key). If the OP means what he says, which is *signing* a public key (the purpose of which is entirely unclear to me), then the plaintext will be the hash of the pubkey, right? In which case the padding will have to be sufficient to fill the remaining RSA block size, whatever that is. ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]