System Considerations In Crypto-C
118 RSA BSAFE Crypto-C Developer’s Guide
description of AI_X962Random_V0 instead of AI_SHA1Random:
Note: The previous algorithm chooser lists AM_RSA_CRT_DECRYPT. This AM will
not perform blinding (see “Timing Attacks and Blinding” on page 95). If you
want your application to perform blinding, use
The Surrender Context
Some Crypto-C functions are time-consuming. When an application calls one of these
functions, it can appear as if the computer has crashed or frozen. A lengthy Crypto-C
function can tie up the computer, forcing other applications or programs to wait until
the Crypto-C function is finished before they can continue. The surrender context is the
mechanism by which an application lets Crypto-C periodically surrender control back to
the application during such a call.
In general, it is a good idea to include a surrender context whenever a function takes
several seconds to execute. The following functions are extremely time-consuming:
• Functions for parameter generation
• Functions for key generation
• Functions for creating acceleration tables
Other functions are less time-consuming and might not need a surrender context in
your application. These include many of the block-cipher and stream-cipher
symmetric-key operations as well as message digests.
Note: Using a surrender context with private-key operations (such as signing or
opening a digital envelope) makes your key more susceptible to a timing
attack, because the periodic callbacks expose the timing of the private-key
computation in finer detail. For security reasons, consider passing a NULL
surrender context for private-key operations.
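As an added example (not code from the Crypto-C guide or from the library itself), the following C program shows the surrender-context pattern the text describes: the application supplies a callback and an opaque handle in an A_SURRENDER_CTX, the library calls the callback periodically during a long operation, and a nonzero return value aborts the operation. The A_SURRENDER_CTX layout is the author's reading of the aglobal.h definition and should be checked against your header; SurrenderState, long_operation, the OP_* status values and the run_* helpers are hypothetical stand-ins, since no Crypto-C call is made here. Passing a NULL context, as the note above recommends for private-key operations, runs the operation to completion without ever giving up control.

```c
#include <stddef.h>
#include <stdio.h>

/* POINTER is the generic byte-pointer type BSAFE uses. The struct layout below is
 * the author's understanding of the aglobal.h definition (an assumption; compare
 * it with the header shipped with your Crypto-C). */
typedef unsigned char *POINTER;

typedef struct {
    int (*Surrender)(POINTER handle); /* periodic callback; nonzero = abort */
    POINTER handle;                   /* opaque application state, passed back */
    POINTER reserved;                 /* reserved; set to NULL */
} A_SURRENDER_CTX;

/* Hypothetical application state handed to the callback. */
typedef struct {
    unsigned long calls;     /* how many times control was surrendered */
    unsigned long max_calls; /* abort after this many callbacks; 0 = never */
} SurrenderState;

/* The application's surrender function. In a real program this is where you
 * would service the GUI event loop, update a progress indicator, or test a
 * user-cancel flag. Return 0 to let the operation continue, nonzero to abort. */
static int app_surrender(POINTER handle)
{
    SurrenderState *st = (SurrenderState *)handle;
    st->calls++;
    return (st->max_calls != 0 && st->calls >= st->max_calls) ? 1 : 0;
}

/* Fill in a surrender context that points at the given application state. */
static void init_surrender_ctx(A_SURRENDER_CTX *ctx, SurrenderState *st)
{
    ctx->Surrender = app_surrender;
    ctx->handle = (POINTER)st;
    ctx->reserved = NULL;
}

enum { OP_OK = 0, OP_CANCELLED = 1 }; /* hypothetical status codes */

/* Stand-in for a lengthy Crypto-C call such as key generation: it does its work
 * in chunks and polls the surrender context after each chunk. A NULL context
 * means the operation never gives up control. */
static int long_operation(unsigned long chunks, A_SURRENDER_CTX *ctx,
                          unsigned long *work_done)
{
    unsigned long i;
    *work_done = 0;
    for (i = 0; i < chunks; i++) {
        *work_done += 1; /* one chunk of "work" */
        if (ctx != NULL && ctx->Surrender != NULL &&
            ctx->Surrender(ctx->handle) != 0)
            return OP_CANCELLED;
    }
    return OP_OK;
}

typedef struct {
    int status;              /* OP_OK or OP_CANCELLED */
    unsigned long callbacks; /* number of surrender callbacks made */
    unsigned long work_done; /* chunks completed before return */
} RunResult;

/* Run the operation with a context that aborts after max_calls callbacks. */
RunResult run_with_surrender(unsigned long chunks, unsigned long max_calls)
{
    SurrenderState st = {0, max_calls};
    A_SURRENDER_CTX ctx;
    RunResult r;
    init_surrender_ctx(&ctx, &st);
    r.status = long_operation(chunks, &ctx, &r.work_done);
    r.callbacks = st.calls;
    return r;
}

/* Run the operation with no surrender context, as for a private-key operation. */
RunResult run_without_surrender(unsigned long chunks)
{
    RunResult r;
    r.status = long_operation(chunks, NULL, &r.work_done);
    r.callbacks = 0;
    return r;
}

int main(void)
{
    RunResult r = run_with_surrender(10, 3);
    printf("with context: status=%d callbacks=%lu chunks done=%lu\n",
           r.status, r.callbacks, r.work_done);
    r = run_without_surrender(10);
    printf("no context:   status=%d callbacks=%lu chunks done=%lu\n",
           r.status, r.callbacks, r.work_done);
    return 0;
}
```

With a real Crypto-C call you would pass the address of the filled-in A_SURRENDER_CTX as the surrender-context argument of the lengthy function (key or parameter generation, acceleration-table creation), and NULL for private-key operations such as signing.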
The surrender context information is contained in an A_SURRENDER_CTX structure. The
file aglobal.h gives the definition; this is described in Chapter 1 of the Reference