Filter
Top Products
Block Ciphers
202 RSA BSAFE Crypto-C Developer’s Guide
CBC mode requires an initialization vector, so assume that you have the following
buffer containing arbitrary bytes to use as the IV. Note that this information must be
made available to the entity which decrypts the message. The IV is not secret
information and may be sent in the clear with the ciphertext.
Now fill in an
A_AES_CBC_PARAMS structure and call B_SetAlgorithmInfo. As noted
previously, the only supported value for
rc6Params.rounds
is 20.
In this example, you can use
AI_AES_CBCPad for PKCS V#5 padding for simplicity.
This AI automatically pads the message to be a multiple of the block size, so that you
don't have to worry about the length of the data to encrypt.
Note: There is another AI,
AI_AES_CBC, which can be used to perform raw AES
encryption. However, as is the case when doing raw encryption with any
block cipher, the length of the data to encrypt must be a multiple of the block
size. In the case of
AI_AES_CBC, the length of the data to encrypt must be a
multiple of 16 bytes. These AIs for performing raw encryption are useful if
you want to use your own padding scheme, instead of PKCS V#5.
Step 3: Init
The next step is to make a call to B_EncryptInit. To do this, you need a key object.
You will first create a key object, and then set the key data.
unsigned char *aesParams
#define BLOCK_SIZE 16
unsigned char initVector[BLOCK_SIZE];
aesParams = (unsigned char *)initVector;
if ((status = B_SetAlgorithmInfo
(AESEncrypter, AI_AES_CBCPad, (POINTER)&aesParams)) != 0)
break;