Good guess - the high byte must be 0 during encryption to ensure that the cryptogram is smaller than modulus when represented as an integer. And of course the zero byte doesn't get actually encrypted, so when the cryptogram is decrypted with the Private Key, the first octet is the BlockType 0x02. I went wrong because the document showed the contents of the buffer to be encrypted, and I assumed the same data would be present upon decryption. Thanks for pushing me in the right direction to figure this out.
-- You received this message because you are subscribed to the "Crypto++ Users" Google Group. To unsubscribe, send an email to [email protected]. More information about Crypto++ and this group is available at http://www.cryptopp.com.
