My parent company specified the use of RSA_PKCS1_PADDING and being a
complete noob at cryptography I do not know if that is a good or bad
choice but it is the one that is forced upon me?

 

________________________________

From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Kenneth Goldman
Sent: 17 September 2008 15:47
To: openssl-users@openssl.org
Subject: Re: Do you have to pre-pend 16 bytes to a raw value before RSA
encryption

 

[EMAIL PROTECTED] wrote on 09/17/2008 08:10:09 AM:

> I just completed writing my first program using libcrypto to handle
> RSA encryption using a public key extracted from an X509 certificate.
> This program communicates with a service created by our parent company.
>
> The first attempts that I made to run my program against the
> service, resulted in an error back from it stating that an encrypted
> field was required. After much brow beating, I spoke to a colleague
> of mine that works on another system and had to interface that
> system into parent company service as well. He said that he had to
> pre-pend 16 bytes of data to the raw field prior to encrypting through RSA.
>
> Sure enough, having pre-pended 16 bytes to my raw field before
> encrypting through RSA_public_encrypt() and sent the result to
> service, I got success!
>
> So my question is, is it required to pre-pend 16 bytes to the raw
> field or is this something my parent company are doing for their own reasons?

What padding are you specifying?  I suspect that you are specifying
no padding, in which case the size of the input must be the same
as the size of the key.

Use one of the standard paddings.  Roll your own after
consulting with many competent cryptographers.  (If they're
competent, they'll tell you not to roll your own.)
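
The size rule discussed in this thread, as an added example that is not part of the original messages and is not OpenSSL code: it checks which input lengths each padding mode accepts for a k-byte RSA key and builds the block layout that PKCS #1 v1.5 encryption padding produces, to show what RSA_PKCS1_PADDING does to the input before the RSA operation. The names `input_len_ok`, `eme_pkcs1_v15_encode` and `pad_mode` are hypothetical, the sample field is constructed, and `/dev/urandom` is assumed to exist; real code should pass RSA_PKCS1_PADDING to RSA_public_encrypt() rather than build the block itself.

```c
#include <stdio.h>
#include <string.h>

/* Illustrative helpers with hypothetical names; not OpenSSL API. */
enum pad_mode { PAD_NONE, PAD_PKCS1_V15 };

/* Returns 1 if an input of mlen bytes is acceptable for a k-byte RSA modulus. */
int input_len_ok(size_t k, size_t mlen, enum pad_mode mode)
{
    if (mode == PAD_NONE)
        return mlen == k;             /* no padding: input must fill the modulus */
    return k >= 11 && mlen <= k - 11; /* 3 framing bytes + at least 8 random bytes */
}

/* Build EM = 00 || 02 || PS || 00 || M (PKCS #1 v1.5 encryption padding).
 * PS is k - mlen - 3 nonzero random bytes. Returns 0 on success, -1 on error. */
int eme_pkcs1_v15_encode(unsigned char *em, size_t k,
                         const unsigned char *m, size_t mlen)
{
    size_t pslen, i;
    FILE *rng;

    if (!input_len_ok(k, mlen, PAD_PKCS1_V15))
        return -1;                    /* message too long for this key size */
    pslen = k - mlen - 3;
    rng = fopen("/dev/urandom", "rb"); /* assumption: POSIX-like system */
    if (rng == NULL)
        return -1;
    em[0] = 0x00;
    em[1] = 0x02;
    for (i = 0; i < pslen; ) {
        int c = fgetc(rng);
        if (c == EOF) { fclose(rng); return -1; }
        if (c != 0)                   /* PS must not contain a zero byte */
            em[2 + i++] = (unsigned char)c;
    }
    fclose(rng);
    em[2 + pslen] = 0x00;             /* separator between PS and the message */
    memcpy(em + 3 + pslen, m, mlen);
    return 0;
}

int main(void)
{
    unsigned char em[128];            /* 1024-bit key => k = 128 bytes */
    const unsigned char field[] = "constructed sample field";
    if (eme_pkcs1_v15_encode(em, sizeof em, field, sizeof field - 1) != 0)
        return 1;
    printf("padding bytes added: %zu\n", sizeof em - (sizeof field - 1));
    return 0;
}
```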
