RSA Security 5.2.2 Projection Television User Manual


 
MultiPrime
234 RSA BSAFE Crypto-C Developers Guide
B_CreateAlgorithmObject:

    B_ALGORITHM_OBJ digitalSigner = (B_ALGORITHM_OBJ)NULL_PTR;

    if ((status = B_CreateAlgorithmObject (&digitalSigner)) != 0)
      break;

Step 2: Setting The Algorithm Object

Crypto-C provides three methods for computing RSA digital signatures: MD2 with
RSA encryption, MD5 with RSA encryption, and SHA1 with RSA encryption.

Note: Recent cryptanalytic work has discovered a collision in MD2's internal
compression function, and there is some chance that the attack on MD2 may
be extended to the full hash function. The same attack applies to MD. Another
attack has been applied to the compression function on MD5, though this has
yet to be extended to the full MD5. RSA Security recommends that before you
use MD, MD2, or MD5, you should consult the RSA Laboratories Web site to
be sure that their use is consistent with the latest information.

For this example, choose AI_SHA1WithRSAEncryption. The Reference Manual
Chapter 2 entry on this AI states that the format of info supplied to
B_SetAlgorithmInfo is NULL_PTR:

    if ((status = B_SetAlgorithmInfo
         (digitalSigner, AI_SHA1WithRSAEncryption, NULL_PTR)) != 0)
      break;

Step 3: Init

Associate a key and algorithm method with the algorithm object through B_SignInit.
The Reference Manual Chapter 4 entry for this function shows that it takes four
arguments: the algorithm object, a key object, an algorithm chooser, and a surrender
context. The algorithm object in this example is digitalSigner. Remember, if the
algorithm object was not set to AI_MD5WithRSAEncryption,
AI_MD2WithRSAEncryption, AI_SHA1WithRSAEncryption, or their BER counterparts,
you cannot use B_SignInit. For a key object, use an RSA private key. Follow Steps 1
through 5 of "Generating a Key Pair" on page 214 to produce a key pair. Remember,
the modulus must be at least 368 bits.

Build an algorithm chooser with the AMs listed in the Reference Manual Chapter 2
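
The 368-bit minimum in Step 3 matches the smallest block the PKCS #1 v1.5 signature format allows for a SHA-1 digest: 46 bytes. The following is an added example, not code from the Crypto-C guide; it assumes AI_SHA1WithRSAEncryption uses that format, makes no Crypto-C calls, and its function names are hypothetical.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* DER prefix of DigestInfo for SHA-1 (RFC 8017, section 9.2). */
static const unsigned char SHA1_PREFIX[15] = {
    0x30, 0x21, 0x30, 0x09, 0x06, 0x05, 0x2b, 0x0e,
    0x03, 0x02, 0x1a, 0x05, 0x00, 0x04, 0x14 };
#define SHA1_LEN 20
#define T_LEN (sizeof SHA1_PREFIX + SHA1_LEN)  /* DigestInfo: 35 bytes */
#define MIN_PS 8                               /* at least 8 bytes of 0xFF */

/* Shortest modulus, in bytes, that can hold 00 01 PS 00 DigestInfo. */
size_t min_modulus_bytes(void) { return 3 + MIN_PS + T_LEN; }

/* Build the block that the RSA private-key operation is applied to:
   00 01 FF..FF 00 || DigestInfo, written to em[0..k-1] for a k-byte
   modulus. Returns 0 on success, -1 if the modulus is too short. */
int emsa_pkcs1_v15_sha1(const unsigned char digest[SHA1_LEN],
                        unsigned char *em, size_t k)
{
    size_t ps_len;
    if (k < min_modulus_bytes())
        return -1;
    ps_len = k - T_LEN - 3;
    em[0] = 0x00;
    em[1] = 0x01;
    memset(em + 2, 0xFF, ps_len);
    em[2 + ps_len] = 0x00;
    memcpy(em + 3 + ps_len, SHA1_PREFIX, sizeof SHA1_PREFIX);
    memcpy(em + 3 + ps_len + sizeof SHA1_PREFIX, digest, SHA1_LEN);
    return 0;
}

int main(void)
{
    /* Sample input: SHA-1("abc"), the FIPS 180 test vector. */
    static const unsigned char digest[SHA1_LEN] = {
        0xa9, 0x99, 0x3e, 0x36, 0x47, 0x06, 0x81, 0x6a, 0xba, 0x3e,
        0x25, 0x71, 0x78, 0x50, 0xc2, 0x6c, 0x9c, 0xd0, 0xd8, 0x9d };
    unsigned char em[128];
    printf("minimum modulus: %lu bits\n", (unsigned long)(min_modulus_bytes() * 8));
    printf("45-byte modulus: %d\n", emsa_pkcs1_v15_sha1(digest, em, 45));
    printf("46-byte modulus: %d\n", emsa_pkcs1_v15_sha1(digest, em, 46));
    return 0;
}
```

The limit is one of format only: it is the size at which the encoded digest fits, not a statement about key strength.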