Restrictions

The following restrictions apply to CSNDPKE.

  • A message can be encrypted provided that it is smaller than the public key modulus.

    The term smaller refers to the exact bit count, not the byte count of the modulus. For example, counting bits, the hexadecimal number X'FF' is several bits longer than the number X'1F', even though both numbers are one byte long as represented in computer memory.

  • The exponent of the RSA public key must be odd unless the MRP keyword is supplied.
  • The command PKA Encrypt - Disallow PKOAEP2 (offset X'03F1') is not available in releases before Release 8.1.
  • The RSA public key modulus size (key size) is limited by the Function Control Vector to accommodate governmental export and import regulations.
  • TR-31 tokens can only be used with this verb starting with CCA 8.1.

When using the PKOAEP2 recovery method, the following restrictions apply:

  • The OAEP standard (PKCS #1) defines overhead = (2 * hLen) + 2 bytes, where hLen is the output length, in bytes, of the encoding hash algorithm. This gives the following overhead:
    • 42 bytes for SHA-1
    • 58 bytes for SHA-224
    • 66 bytes for SHA-256
    • 98 bytes for SHA-384
    • 130 bytes for SHA-512
  • RSA key size restrictions:
    • The RSA key used must have a modulus size greater than or equal to the total PKOAEP2 message bit length, calculated with the data previously shown, as: source data size + total overhead
    • The minimum source data length is zero bytes, giving total message sizes (and therefore minimum RSA key sizes):
      • 0 + 42 = 42 bytes (336 bits) for SHA-1 OAEP
      • 0 + 58 = 58 bytes (464 bits) for SHA-224 OAEP
      • 0 + 66 = 66 bytes (528 bits) for SHA-256 OAEP
      • 0 + 98 = 98 bytes (784 bits) for SHA-384 OAEP
      • 0 + 130 = 130 bytes (1040 bits) for SHA-512 OAEP
    • The maximum RSA key size is 8192 bits (1024 bytes), therefore the maximum message size is: key size - overhead:
      • 1024 – 42 = 982 bytes (7856 bits) for SHA-1 OAEP
      • 1024 – 58 = 966 bytes (7728 bits) for SHA-224 OAEP
      • 1024 – 66 = 958 bytes (7664 bits) for SHA-256 OAEP
      • 1024 – 98 = 926 bytes (7408 bits) for SHA-384 OAEP
      • 1024 – 130 = 894 bytes (7152 bits) for SHA-512 OAEP
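
The size rules above can be checked before the verb is called. The following C sketch is an added example, not IBM code and not part of the CCA API; the function and enum names are hypothetical, and it applies the rule exactly as stated on this page (modulus bits >= 8 * (source data + overhead), at most 8192 bits).

```c
#include <stddef.h>
#include <stdio.h>

/* hLen in bytes for each OAEP encoding hash (hypothetical enum, not a CCA type). */
enum oaep_hash { OAEP_SHA1 = 20, OAEP_SHA224 = 28, OAEP_SHA256 = 32,
                 OAEP_SHA384 = 48, OAEP_SHA512 = 64 };
#define MAX_RSA_BITS 8192u  /* maximum RSA key size stated on this page */

/* Exact bit count of a big-endian unsigned integer; leading zeros ignored. */
size_t bit_length(const unsigned char *be, size_t len)
{
    size_t i = 0, bits;
    while (i < len && be[i] == 0) i++;
    if (i == len) return 0;
    bits = (len - i) * 8;
    for (unsigned char top = be[i]; !(top & 0x80); top <<= 1) bits--;
    return bits;
}

/* OAEP overhead in bytes: (2 * hLen) + 2. */
size_t oaep_overhead(enum oaep_hash h) { return 2 * (size_t)h + 2; }

/* Largest PKOAEP2 source data length in bytes for a modulus of mod_bits,
 * using the page's rule: modulus bits >= 8 * (data + overhead).
 * Returns -1 if the key exceeds 8192 bits or is too small for this hash. */
long pkoaep2_max_data(size_t mod_bits, enum oaep_hash h)
{
    size_t overhead = oaep_overhead(h);
    if (mod_bits > MAX_RSA_BITS || mod_bits / 8 < overhead) return -1;
    return (long)(mod_bits / 8 - overhead);
}

/* Nonzero if msg is smaller than the modulus by exact bit count, not byte count. */
int smaller_by_bits(const unsigned char *msg, size_t mlen,
                    const unsigned char *mod, size_t nlen)
{
    return bit_length(msg, mlen) < bit_length(mod, nlen);
}

int main(void)
{
    const unsigned char ff[] = { 0xFF }, x1f[] = { 0x1F };  /* constructed values */
    printf("X'FF' = %zu bits, X'1F' = %zu bits\n", bit_length(ff, 1), bit_length(x1f, 1));
    printf("8192-bit key, SHA-256: max %ld bytes\n", pkoaep2_max_data(8192, OAEP_SHA256));
    return 0;
}
```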