System Considerations In Crypto-C

more individuals. For example, users may need to transmit a public key, elliptic curve parameters, or an algorithm name. Not everyone uses Crypto-C, and how information is processed in Crypto-C may be different from another company’s package. There needs to be a standard for describing certain information. BER/DER is such a standard.

Open Systems Interconnection (OSI, described in ANSI’s X.200) is an internationally standardized architecture that governs the interconnection of computers from the physical layer up to the user-application layer. OSI’s method of specifying abstract objects is called ASN.1 (Abstract Syntax Notation One, defined in X.680), and one set of rules for representing such objects as strings of ones and zeros is called BER (Basic Encoding Rules, defined in X.680). There is generally more than one way to BER-encode a given value, so another set of rules, called the Distinguished Encoding Rules (DER), which is a subset of BER, gives a unique encoding to each ASN.1 value. The PKCS document includes “A Layman’s Guide to a Subset of ASN.1, BER and DER,” which is more accessible than the actual standard.

If your application must transfer information to another computer or software package, you may need to convert the data into BER-encoded format before you send it. Crypto-C offers a way to get information into DER format, using B_GetAlgorithmInfo or B_GetKeyInfo with the BER version of the AI or KI used to set the algorithm or key object.

The following example corresponds to the file berder.c.

In the “Introductory Example” on page 9, we set the algorithm object to AI_RC4. The Reference Manual Chapter 2 entry on this AI reports that a compatible representation is AI_RC4BER. That AI provides the BER-encoded algorithm identifier for the RC4 algorithm. Look up the Reference Manual Chapter 4 entry for B_GetAlgorithmInfo. This function takes three arguments: an address for Crypto-C to deposit a pointer to the info, the algorithm object from which we are getting the info, and the info type.

The Reference Manual Chapter 2 entry on AI_RC4BER tells us that the info returned by B_GetAlgorithmInfo is a pointer to an ITEM. The type ITEM is defined in aglobal.h as:

typedef struct {
  unsigned char *data;
  unsigned int len;
} ITEM;

We will declare a variable to be a pointer to an ITEM and use its address as the info argument. The prototype calls for the address of a POINTER, not the address of a pointer to an ITEM, so type casting is necessary.
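When an ITEM holds an encoding received from another package rather than one produced by Crypto-C, the BER/DER distinction described above can be checked directly on its data and len fields. The following is an added example, not code from this guide or from berder.c: it redeclares ITEM so it builds without Crypto-C, the function names are hypothetical, and the sample bytes are constructed. It checks only the length fields of an outer SEQUENCE and its immediate elements, rejecting the indefinite and non-minimal forms that BER allows and DER forbids.

```c
#include <stdio.h>

/* Same layout as the ITEM typedef above, redeclared so this builds without Crypto-C. */
typedef struct { unsigned char *data; unsigned int len; } ITEM;

/* Hypothetical helper: read the TLV header at offset off. Returns 0, or -1 if the
   header is truncated or uses a length form that DER forbids. */
static int der_header(const ITEM *it, unsigned int off, unsigned char *tag,
                      unsigned int *hl, unsigned int *vl) {
  const unsigned char *p = it->data;
  unsigned int n, i, len;
  if (it->len < 2 || off > it->len - 2) return -1;
  *tag = p[off];
  if ((*tag & 0x1f) == 0x1f) return -1;        /* multi-byte tags not handled */
  len = p[off + 1];                            /* short form unless the top bit is set */
  *hl = 2;
  if (len >= 0x80) {                           /* long form: low 7 bits count length bytes */
    n = len & 0x7f;
    if (n == 0 || n > 4) return -1;            /* n == 0 is indefinite length: BER only */
    if (n > it->len - off - 2) return -1;      /* length bytes run past the buffer */
    for (len = 0, i = 0; i < n; i++) len = (len << 8) | p[off + 2 + i];
    if (p[off + 2] == 0 || len < 0x80) return -1;  /* non-minimal length: BER only */
    *hl = 2 + n;
  }
  if (len > it->len - off - *hl) return -1;    /* value runs past the buffer */
  *vl = len;
  return 0;
}

/* Number of elements inside the outer SEQUENCE, or -1 if the ITEM is not exactly
   one SEQUENCE whose length fields all follow DER. */
int der_sequence_count(const ITEM *it) {
  unsigned char tag;
  unsigned int hl, vl, off;
  int count = 0;
  if (der_header(it, 0, &tag, &hl, &vl) != 0 || tag != 0x30) return -1;
  if (hl + vl != it->len) return -1;           /* trailing bytes after the SEQUENCE */
  for (off = hl; off < it->len; off += hl + vl, count++)
    if (der_header(it, off, &tag, &hl, &vl) != 0) return -1;
  return count;
}

/* Constructed samples, not Crypto-C output: SEQUENCE { OID 1.2.840.113549.3.4, NULL } */
static unsigned char der_bytes[] = {0x30,0x0c,0x06,0x08,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x03,0x04,0x05,0x00};
/* The same value with the outer length in long form (0x81 0x0c): legal BER, not DER. */
static unsigned char ber_bytes[] = {0x30,0x81,0x0c,0x06,0x08,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x03,0x04,0x05,0x00};
ITEM sample_der = { der_bytes, sizeof der_bytes }, sample_ber = { ber_bytes, sizeof ber_bytes };

int main(void) {
  printf("DER: %d, BER long form: %d\n", der_sequence_count(&sample_der), der_sequence_count(&sample_ber));
  return 0;
}
```

Both samples decode to the same ASN.1 value; only the first is the unique DER encoding, which is why a byte-for-byte comparison or a signature over the encoding is only meaningful once DER has been enforced.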

RSA BSAFE Crypto-C Developer’s Guide (RSA Security 5.2.2 manual), page 124