This is almost the same question I have been asking about in the "Strange rsa_lib application" thread. The danger of using RSA_NO_PADDING seems to be the problem I ran into, which is that the plaintext can be too big for the key. The suggested solution (after ruling out doing something more normal, like using padding and a bigger key) was to assure that the high bit of the plaintext is never set.
> -----Original Message-----
> From: sharun santhosh [mailto:[EMAIL PROTECTED]]
> Sent: Tuesday, December 17, 2002 12:32 PM
> To: [EMAIL PROTECTED]
> Subject: RE: ciphertext should match length of key?
>
>
> Thanks for that....
> how does Padding fit into this
> I have been using RSA_NO_PADDING with
> RSA_public_encrypt....
> man pages say this is not such a good idea
>
> but my call to RSA_public_encrypt fails if i use any
> of the other PADDING options....i am assuming this is
> because my msg(to be encrypted) is as big as the key.
>
> What are the dangers/consequences of using
> RSA_NO_PADDING ?
>
>
> --- "Wade L. Scholine" <[EMAIL PROTECTED]> wrote:
> >
> > sharun santhosh asks:
> >
> > > In openssl-0.9.6g/demos/maurice/example2.c
> > >
> > > why is a check performed after calling
> > > RSA_public_encrypt
> > >
> > >
> > > if (len != EVP_PKEY_size(pubKey))
> > > {
> > > fprintf(stderr,"Error: ciphertext should
> > match
> > > length of key\n");
> > > exit(1);
> > > }
> >
> > Because RSA is a block cipher with the block size
> > equal to the key size.
> >
>
>
> __________________________________________________
> Do you Yahoo!?
> Yahoo! Mail Plus - Powerful. Affordable. Sign up now.
> http://mailplus.yahoo.com
> ______________________________________________________________________
> OpenSSL Project http://www.openssl.org
> User Support Mailing List [EMAIL PROTECTED]
> Automated List Manager [EMAIL PROTECTED]
>
