Re: RSA decryption output length

Re: RSA decryption output length

[Tadeusz Struk]

Hi Tudor-Dan,
On 02/05/2016 07:25 AM, Tudor-Dan Ambarus wrote:
> I see that in qat, if the RSA decryption output data has the first octets of value zero, you skip them, actualize the dst_len and memmove the decrypted data to the initial pointer (see [1]). Why do you do this? Why can't you keep the decryption output data of key length?

This is because the SW RSA implementation works the same way.
MPI lib also discards the leading zeros.
The two implementations have to produce the same output for a given input.
Thanks,

-- 
TS

RE: RSA decryption output length

[Tudor-Dan Ambarus]

Thanks Tadeusz,

The leading zeros are discarded in the process of conversion the byte array data to a big integer. When talking about numbers, the leading zeros are not meaningful.

ta

-----Original Message-----
From: Tadeusz Struk [mailto:tadeusz.struk@intel.com] 
Sent: Friday, February 05, 2016 7:46 PM
To: Tudor-Dan Ambarus; linux-crypto@vger.kernel.org
Subject: Re: RSA decryption output length

Hi Tudor-Dan,
On 02/05/2016 07:25 AM, Tudor-Dan Ambarus wrote:
> I see that in qat, if the RSA decryption output data has the first octets of value zero, you skip them, actualize the dst_len and memmove the decrypted data to the initial pointer (see [1]). Why do you do this? Why can't you keep the decryption output data of key length?

This is because the SW RSA implementation works the same way.
MPI lib also discards the leading zeros.
The two implementations have to produce the same output for a given input.
Thanks,

-- 
TS