Peter Walker wrote: > Sorry if this sounds ultra noobish but you guys lost me, even though you > probably did answer my question ;) > > The purpose of my application is to send a credit card number in > encrypted format. > > So the parent companies webservice issues me a X509 certificate which > contains their public RSA key. > > I extract the RSA public key from the X509 certificate and use that to > encrypt the credit card number using RSA_public_encrypt with > RSA_PKCS1_PADDING. > > I thought that would be the end of it but it turns out that I needed to > add 16 bytes to the beginning of the raw data before encryption. Then it > all works. > > So as a noob, I just wanted to know if that is the correct requirement > of RSA or a requirement of my parent companies web service only?
You should be following the requirements the company sends you. Even if, by chance and luck, find something that happens to work, there is no reason to believe it will also be *secure*. My bet is the company knows the limitations of PKCS1 padding and so specified that you put 16 bytes of *random* data before the credit card number. But I'm just guessing. (I've seen this done when the other end uses hardware crypto solutions that don't support OAEP. They are trying to work around known weaknesses in deterministic padding.) You need to follow their specification, and if you can't get the specification to work, you can only use trial and error to figure out what questions to ask them. You don't get a secure implementation by trying to see what works. Plenty of insecure things work. DS ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
