
What exactly does each of the above RSA methods do?

asked Oct 24 '12 at 12:03

chilkat


This post is for those wishing to understand internal structure of the outputs produced by each of these methods.

EncryptBytes:

  1. RSA encryption is computationally intensive, and therefore RSA is typically used for small bits of data, such as for encrypting symmetric encryption keys. Assuming there are not too many bytes to be encrypted, the output size is equal to the modulus bit length (i.e. the RSA key length). For example, if a 1024-bit key is used, the output is 128 bytes. (Otherwise the input is chunked into pieces, and each piece is RSA-encrypted and the output is a series of RSA encrypted chunks, each chunk having the size of the RSA key.)
  2. The first step of RSA encryption is to pad the input using either PKCS v1.5 or OAEP padding. Note: the padding involves randomly generated bytes, and thus the encrypted output of identical data will differ each time.
  3. The 2nd step is to do the RSA modular exponentiation using the desired key (public or private).
  4. The final step is to 4321 byte swap the output depending on whether little-endian or big-endian output is desired.

SignBytes:

  1. First hash the input data using the chosen hash algorithm (such as SHA-1, SHA-256, etc.)
  2. Next pad the hash using either PKCS v1.5 or PSS. Note: PKCS v1.5 padding for signatures is different from that for encryption. It does not use randomly generated bytes. The PKCS v1.5 padding algorithm first ASN.1 encodes the hash into the following ASN.1 format, and then pads it:
    SEQUENCE {
        SEQUENCE {
            hashOid OID
            NULL
        }
        hash OCTET STRING 
    }

  3. The RSA modular exponentiation is performed on the padded data using the desired key (public or private).
  4. The final step is to 4321 byte swap the output depending on whether little-endian or big-endian output is desired.

OpenSslSignBytes:

  1. With the OpenSsl* signature functions, it is assumed that the data passed in is already a hash. No automatic hashing is performed as with the Sign* methods. (Therefore, the number of bytes passed to an OpenSslSign* method must be reasonably small, i.e. as small as a hash would typically be.)
  2. The data is PKCS v1.5 padded directly -- meaning that it is NOT embedded within an ASN.1 encoded structure first. There is no option for PSS padding.
  3. The RSA modular exponentiation is performed on the padded data using the desired key (public or private).
  4. The final step is to 4321 byte swap the output depending on whether little-endian or big-endian output is desired.

answered Oct 24 '12 at 12:30

chilkat
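The following is an added example, not Chilkat's code and not part of the answer above. It re-implements the three pipelines the answer describes (SignBytes, OpenSslSignBytes, EncryptBytes) for PKCS v1.5 in plain Python so the internal structure of each output can be inspected: the DigestInfo ASN.1 wrapper built from the SHA-256 OID (2.16.840.1.101.3.4.2.1, as in RFC 8017), the deterministic type-1 padding used for signatures versus the randomised type-2 padding used for encryption, the modular exponentiation, and the trailing byte swap. The function names mirror the method names but are my own; the "4321 byte swap" is taken to mean reversing the whole big-endian output into little-endian order, which is an assumption. The 512-bit key, the seeded PRNG and the sample message are constructed for the demo and are not suitable for real use.

```python
import hashlib
import random

# Toy re-implementation of the PKCS#1 v1.5 steps from the post. Demo only:
# tiny key, seeded PRNG, no constant-time handling (assumed names throughout).

SHA256_OID = "2.16.840.1.101.3.4.2.1"
rng = random.Random(2012)  # deterministic key and padding for the demo only


def sha256(data):
    return hashlib.sha256(data).digest()


def der(tag, body):
    # DER TLV with short-form length (a DigestInfo is well under 128 bytes)
    assert len(body) < 128
    return bytes([tag, len(body)]) + body


def der_oid(dotted):
    arcs = [int(a) for a in dotted.split(".")]
    body = bytes([40 * arcs[0] + arcs[1]])
    for arc in arcs[2:]:  # base-128 digits, high bit set on all but the last
        chunk = [arc & 0x7F]
        while arc >> 7:
            arc >>= 7
            chunk.append(0x80 | (arc & 0x7F))
        body += bytes(reversed(chunk))
    return der(0x06, body)


def digest_info(oid, digest):
    # SEQUENCE { SEQUENCE { hashOid OID, NULL }, hash OCTET STRING } as in the post
    return der(0x30, der(0x30, der_oid(oid) + b"\x05\x00") + der(0x04, digest))


def pad_type1(t, k):
    # Signature padding: 00 01 FF..FF 00 T  (no random bytes, so deterministic)
    if len(t) + 11 > k:
        raise ValueError("message too long for key")
    return b"\x00\x01" + b"\xff" * (k - len(t) - 3) + b"\x00" + t


def pad_type2(m, k):
    # Encryption padding: 00 02 <random non-zero bytes> 00 M  (differs each call)
    if len(m) + 11 > k:
        raise ValueError("message too long for key")
    ps = bytes(rng.randrange(1, 256) for _ in range(k - len(m) - 3))
    return b"\x00\x02" + ps + b"\x00" + m


def unpad(em, block_type):
    # Strip either padding type, rejecting any block that lacks the exact shape
    if len(em) < 11 or em[0] != 0 or em[1] != block_type:
        raise ValueError("bad padding header")
    sep = em.index(b"\x00", 2)
    if sep - 2 < 8 or (block_type == 1 and em[2:sep] != b"\xff" * (sep - 2)):
        raise ValueError("bad padding string")
    return em[sep + 1:]


def rsa_raw(block, exp, n, little_endian=False):
    # Textbook modular exponentiation; the optional "4321 byte swap" is modelled
    # as reversing the whole big-endian output (assumption, see lead-in)
    k = (n.bit_length() + 7) // 8
    out = pow(int.from_bytes(block, "big"), exp, n).to_bytes(k, "big")
    return out[::-1] if little_endian else out


def sign_bytes(msg, d, n, little_endian=False):
    # SignBytes: hash -> DigestInfo -> type-1 pad -> modexp -> optional swap
    k = (n.bit_length() + 7) // 8
    return rsa_raw(pad_type1(digest_info(SHA256_OID, sha256(msg)), k), d, n, little_endian)


def openssl_sign_bytes(digest, d, n, little_endian=False):
    # OpenSslSignBytes: caller supplies the hash; padded directly, no DigestInfo
    k = (n.bit_length() + 7) // 8
    return rsa_raw(pad_type1(digest, k), d, n, little_endian)


def verify(msg, sig, e, n, little_endian=False, wrapped=True):
    # Undo the swap, recover the padded block and compare it with what msg should give
    if little_endian:
        sig = sig[::-1]
    try:
        t = unpad(rsa_raw(sig, e, n), 1)
    except ValueError:
        return False
    return t == (digest_info(SHA256_OID, sha256(msg)) if wrapped else sha256(msg))


def encrypt_bytes(m, e, n):
    # EncryptBytes for one chunk: random type-2 pad, then modexp (output varies per call)
    return rsa_raw(pad_type2(m, (n.bit_length() + 7) // 8), e, n)


def decrypt_bytes(c, d, n):
    return unpad(rsa_raw(c, d, n), 2)


def is_probable_prime(n, rounds=32):
    # Miller-Rabin after trial division by a few small primes
    if n < 2 or any(n % p == 0 for p in (2, 3, 5, 7, 11, 13)):
        return n in (2, 3, 5, 7, 11, 13)
    d, r = n - 1, 0
    while d % 2 == 0:
        d, r = d // 2, r + 1
    for _ in range(rounds):
        x = pow(rng.randrange(2, n - 1), d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = x * x % n
            if x == n - 1:
                break
        else:
            return False
    return True


def gen_prime(bits):
    while True:
        c = rng.getrandbits(bits) | (1 << (bits - 1)) | 1
        if is_probable_prime(c):
            return c


def gen_demo_key(bits=512, e=65537):
    # Toy key generation; real code uses a vetted library and 2048-bit or larger keys
    while True:
        p, q = gen_prime(bits // 2), gen_prime(bits // 2)
        if p != q:
            try:
                return e, pow(e, -1, (p - 1) * (q - 1)), p * q
            except ValueError:  # e not invertible mod phi(n); draw again
                continue


if __name__ == "__main__":
    e, d, n = gen_demo_key()
    msg = b"constructed sample message"  # constructed input
    print("DigestInfo prefix:", digest_info(SHA256_OID, b"\x00" * 32)[:19].hex())
    print("SignBytes output verifies:", verify(msg, sign_bytes(msg, d, n), e, n))
    print("Two EncryptBytes outputs differ:", encrypt_bytes(msg, e, n) != encrypt_bytes(msg, e, n))
```

Running the demo shows why the answer's distinctions matter in practice: a signature produced the OpenSslSignBytes way (hash padded directly) does not verify under a checker that expects the DigestInfo wrapper, and vice versa, even though both used the same key and hash; the signature is bit-for-bit repeatable while two encryptions of the same plaintext are not; and a little-endian signature is simply the big-endian one reversed, so an endianness mismatch between signer and verifier shows up as a padding failure rather than a subtle corruption.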

Asked: Oct 24 '12 at 12:03

Seen: 2,356 times

Last updated: Oct 24 '12 at 12:31