Restrictions

The following restrictions apply to CSNDPKD.

  • The exponent of the RSA public key must be odd.
  • The command PKA Decrypt - Disallow PKOAEP2 (offset X'03F2') is not available in releases before Release 8.1.

When using the PKOAEP2 recovery method, the following restrictions apply:

  • The OAEP standard (PKCS #1) defines overhead = (2 * hLen) + 2 bytes, where hLen is the output length in bytes of the encoding hash algorithm. This gives the following overhead:
    • 42 Bytes for SHA-1
    • 58 Bytes for SHA-224
    • 66 Bytes for SHA-256
    • 98 Bytes for SHA-384
    • 130 Bytes for SHA-512
  • RSA key size restrictions:
    • The RSA key used must have a modulus size greater than or equal to the total PKOAEP2 message bit length, calculated with the data previously shown, as: source data size + total overhead
    • The minimum source data length is zero bytes, giving total message sizes (and therefore minimum RSA key sizes):
      • 0 + 42 = 42 Bytes (336 bits) for SHA-1 OAEP
      • 0 + 58 = 58 Bytes (464 bits) for SHA-224 OAEP
      • 0 + 66 = 66 Bytes (528 bits) for SHA-256 OAEP
      • 0 + 98 = 98 Bytes (784 bits) for SHA-384 OAEP
      • 0 + 130 = 130 Bytes (1040 bits) for SHA-512 OAEP
    • The maximum RSA key size is 8192 bits (1024 bytes). The maximum message size is therefore key size - overhead:
      • 1024 – 42 = 982 Bytes (7856 bits) for SHA-1 OAEP
      • 1024 – 58 = 966 Bytes (7728 bits) for SHA-224 OAEP
      • 1024 – 66 = 958 Bytes (7664 bits) for SHA-256 OAEP
      • 1024 – 98 = 926 Bytes (7856 bits) for SHA-384 OAEP
      • 1024 – 130 = 894 Bytes (3056 bits) for SHA-512 OAEP
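
A pre-flight check for the restrictions above, as an added example (not IBM code, and it calls no CCA verb): the function names, return codes and the big-endian exponent input are assumptions made here. It applies the rule as stated above, that (source data size + overhead) in bits must not exceed the modulus size.

```c
#include <stddef.h>
#include <string.h>

enum pkd_check { PKD_OK, PKD_BAD_HASH, PKD_EVEN_EXPONENT,
                 PKD_KEY_TOO_LARGE, PKD_KEY_TOO_SMALL };
#define MAX_MODULUS_BITS 8192u  /* maximum RSA key size stated above */

/* hLen in bytes for each OAEP encoding hash listed above. */
static const struct { const char *name; size_t hlen; } HASHES[] = {
    {"SHA-1", 20}, {"SHA-224", 28}, {"SHA-256", 32},
    {"SHA-384", 48}, {"SHA-512", 64},
};

/* OAEP overhead in bytes, (2 * hLen) + 2; 0 means the hash is not listed. */
size_t oaep_overhead(const char *hash)
{
    for (size_t i = 0; i < sizeof HASHES / sizeof HASHES[0]; i++)
        if (strcmp(hash, HASHES[i].name) == 0)
            return 2 * HASHES[i].hlen + 2;
    return 0;
}

/* exp_be is the public exponent as big-endian bytes (assumed input format). */
enum pkd_check pkoaep2_precheck(const char *hash, size_t modulus_bits,
        const unsigned char *exp_be, size_t exp_len, size_t data_len)
{
    size_t overhead = oaep_overhead(hash);
    if (overhead == 0)
        return PKD_BAD_HASH;
    /* Odd exponent: low bit of the least significant (last) byte is set. */
    if (exp_len == 0 || (exp_be[exp_len - 1] & 1u) == 0)
        return PKD_EVEN_EXPONENT;
    if (modulus_bits > MAX_MODULUS_BITS)
        return PKD_KEY_TOO_LARGE;
    /* Bound data_len first so the bit-length product cannot overflow. */
    if (data_len > MAX_MODULUS_BITS / 8 ||
        (data_len + overhead) * 8 > modulus_bits)
        return PKD_KEY_TOO_SMALL;
    return PKD_OK;
}

/* Constructed sample: exponent 65537 as big-endian bytes. */
static const unsigned char SAMPLE_EXP[] = {0x01, 0x00, 0x01};

int main(void)
{
    /* 2048-bit key, SHA-256: 190 + 66 = 256 bytes fits exactly. */
    return pkoaep2_precheck("SHA-256", 2048, SAMPLE_EXP, 3, 190);
}
```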