Restrictions
The restrictions for CSNDPKD.
- The exponent of the RSA public key must be odd.
- The command PKA Decrypt - Disallow PKOAEP2 (offset X'03F2') is not available in releases before Release 8.1.
When using the PKOAEP2 recovery method, the following restrictions apply:
- The OAEP standard (PKCS #1) defines overhead = (2 * hLen) + 2 bytes. Parameter hLen is the encoding hash algorithm output length in bytes. This gives additional overhead:
  - 42 Bytes for SHA-1
  - 58 Bytes for SHA-224
  - 66 Bytes for SHA-256
  - 98 Bytes for SHA-384
  - 130 Bytes for SHA-512
- RSA key size restrictions:
  - The RSA key used must have a modulus size greater than or equal to the total PKOAEP2 message bit length, calculated with the data previously shown, as: source data size + total overhead
  - The minimum source data length is zero bytes, giving total message sizes (and therefore minimum RSA key sizes):
    - 0 + 42 = 42 Bytes (336 bits) for SHA-1 OAEP
    - 0 + 58 = 58 Bytes (464 bits) for SHA-224 OAEP
    - 0 + 66 = 66 Bytes (528 bits) for SHA-256 OAEP
    - 0 + 98 = 98 Bytes (784 bits) for SHA-384 OAEP
    - 0 + 130 = 130 Bytes (1040 bits) for SHA-512 OAEP
  - The maximum RSA key size is 8192 bits (1024 bytes), therefore the maximum message size is key size - overhead:
    - 1024 – 42 = 982 Bytes (7856 bits) for SHA-1 OAEP
    - 1024 – 58 = 966 Bytes (7728 bits) for SHA-224 OAEP
    - 1024 – 66 = 958 Bytes (7664 bits) for SHA-256 OAEP
    - 1024 – 98 = 926 Bytes (7856 bits) for SHA-384 OAEP
    - 1024 – 130 = 894 Bytes (3056 bits) for SHA-512 OAEP