Chapter 2 Algorithm Info Types 161
AI_PKCS_OAEPRecodeBER
Purpose:
This AI is similar to AI_PKCS_OAEPRecode except that it uses the ASN.1 BER format.
This AI allows you to parse and create ASN.1 algorithm identifiers such as those used
in PKCS #7 and other protocols. You call B_SetAlgorithmInfo to initialize an
algorithm object from the encoded algorithm identifier that includes the hash
function, mask generator function, and P source function. You call
B_GetAlgorithmInfo with this AI to create an encoded algorithm identifier from an
algorithm object that was created using AI_PKCS_OAEPRecode or
AI_PKCS_OAEPRecodeBER. The OID for the RSA OAEP encryption, excluding the tag
and length bytes, in decimal, is “42, 134, 72, 134, 247, 13, 1, 1, 7”. The OID for
the mask function, excluding the tag and length bytes, in decimal, is
“42, 134, 72, 134, 247, 13, 1, 1, 8”. The OID for the P source function, excluding
the tag and length bytes, in decimal, is “42, 134, 72, 134, 247, 13, 1, 1, 9”. Also see
AI_PKCS_OAEPRecode.
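The following is an added example, not code from this manual or from the library it
describes: it decodes the three OID byte strings quoted above into dotted-decimal form,
so the bytes seen in an encoded algorithm identifier can be checked against the OIDs
that PKCS #1 assigns. The function and array names are illustrative assumptions.

```c
#include <stdio.h>
#include <string.h>

/* Decode OID content octets (tag and length bytes already removed) into
 * dotted-decimal text. Returns 0 on success, -1 on malformed input or if
 * out is too small. */
int oid_to_dotted(const unsigned char *der, size_t len, char *out, size_t outlen)
{
    size_t i = 0, used = 0;

    if (len == 0 || outlen == 0) return -1;
    while (i < len) {
        unsigned long arc = 0;
        int n;
        if (der[i] == 0x80) return -1;              /* non-minimal encoding */
        for (;;) {
            if (i >= len) return -1;                /* truncated subidentifier */
            if (arc > (0xFFFFFFFFUL >> 7)) return -1; /* arc exceeds 32 bits */
            arc = (arc << 7) | (der[i] & 0x7F);
            if (!(der[i++] & 0x80)) break;          /* high bit clear: last byte */
        }
        if (used == 0) {
            /* First subidentifier packs the first two arcs as 40*X + Y. */
            unsigned long x = arc < 40 ? 0 : arc < 80 ? 1 : 2;
            n = snprintf(out, outlen, "%lu.%lu", x, arc - 40 * x);
        } else {
            n = snprintf(out + used, outlen - used, ".%lu", arc);
        }
        if (n < 0 || (size_t)n >= outlen - used) return -1;
        used += (size_t)n;
    }
    return 0;
}

/* Content octets as listed in decimal on this page; the C names are illustrative. */
static const unsigned char OID_RSAES_OAEP[] = {42, 134, 72, 134, 247, 13, 1, 1, 7};
static const unsigned char OID_MASK_FUNC[]  = {42, 134, 72, 134, 247, 13, 1, 1, 8};
static const unsigned char OID_P_SOURCE[]   = {42, 134, 72, 134, 247, 13, 1, 1, 9};

int main(void)
{
    char buf[64];
    if (oid_to_dotted(OID_RSAES_OAEP, sizeof OID_RSAES_OAEP, buf, sizeof buf) == 0)
        printf("RSA OAEP encryption: %s\n", buf);
    if (oid_to_dotted(OID_MASK_FUNC, sizeof OID_MASK_FUNC, buf, sizeof buf) == 0)
        printf("mask function:       %s\n", buf);
    if (oid_to_dotted(OID_P_SOURCE, sizeof OID_P_SOURCE, buf, sizeof buf) == 0)
        printf("P source function:   %s\n", buf);
    return 0;
}
```

The decoder rejects a subidentifier that ends with its continuation bit still set and
one that starts with a padding byte of 128, both of which indicate a malformed or
tampered algorithm identifier.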
Type of information this allows you to use:
OAEP message padding as defined in PKCS #1 v2.0. When encoding, this algorithm
encodes the data according to the definition of EME-OAEP-Encode as specified in
PKCS #1 v2.0. When decoding, this algorithm decodes the data according to the
definition of EME-OAEP-Decode.
This permits the use of raw or hardware-based RSA encryption with the PKCS #1 v2.0
flavor of Optimal Asymmetric Encryption Padding.
Format of info supplied to B_SetAlgorithmInfo:
pointer to an ITEM structure that gives the address and length of the BER-encoded
algorithm identifier. The encoding is converted to DER before it is copied to the
algorithm object.
B_SetAlgorithmInfo returns BE_WRONG_ALGORITHM_INFO if the
algorithm identifier specifies an algorithm other than RSAES-OAEP Encryption as
specified by PKCS #1 v2.0.
The general ASN.1 syntax for RSAES-OAEP is complicated. The simple DER