B_VerifyFinal

MultiPrime

surrender context outlined in “The Surrender Context” on page 118:

#define BLOCK_SIZE 64;

/* Assuming we are using a 512-bit key */ unsigned char signature[BLOCK_SIZE]; unsigned int signatureLen;

/* generalFlag is for the surrender function. */ generalFlag = 0;

if ((status = B_SignFinal

(digitalSigner, signature, &signatureLen, 64, (B_ALGORITHM_OBJ)NULL_PTR, &generalSurrenderContext)) != 0)

break;

Step 6: Destroy

When you are done with all objects, remember to destroy them.

B_DestroyAlgorithmObject (&digitalSigner);

B_DestroyKeyObject (&privateKey);

Verifying a Digital Signature

The Crypto-C sequence B_VerifyInit, B_VerifyUpdate, and B_VerifyFinal will digest the original data, decrypt the signature with the provided RSA public key, and compare the digest to the decrypted signature. If the values are the same,

returns a 0; if they are different, it returns an error code.

Note: If a signing application did not digest the data before encrypting to produce a signature, you cannot use the Verify functions. Instead, decrypt the signature using AI_PKCS_RSAPublic or AI_RSAPublic.

Step 1: Creating An Algorithm Object

Declare a variable to be B_ALGORITHM_OBJ. As defined in the function prototype in Chapter 4 of the Reference Manual, its address is the argument for

2 3 6

R S A B S A F E C r y p t o - C D e v e l o p e r ’s G u i d e

Page 258
Image 258
RSA Security 5.2.2 manual Verifying a Digital Signature, Surrender context outlined in The Surrender Context on