MultiPrime

B_CreateAlgorithmObject:

B_ALGORITHM_OBJ digitalVerifier = (B_ALGORITHM_OBJ)NULL_PTR;

if ((status = B_CreateAlgorithmObject (&digitalVerifier)) != 0) break;

Step 2: Setting The Algorithm Object

The signer should tell you which message digest and decryption algorithms you need to use to verify the signature. To verify the signature created here, you would use the same AI:

if ((status = B_SetAlgorithmInfo
       (digitalVerifier, AI_SHA1WithRSAEncryption, NULL_PTR)) != 0) break;

Step 3: Init

Associate a key and algorithm method with the algorithm object through B_VerifyInit. The entry for this function in Chapter 4 of the Reference Manual shows that it takes four arguments: the algorithm object, a key object, an algorithm chooser, and a surrender context. The algorithm object in this example is digitalVerifier. For a key object, use an RSA public key, presumably the partner to the RSA private key that was used for the signature. Build an algorithm chooser which incorporates the AMs listed in the Chapter 2 entry of the Reference Manual for the AI in use. B_VerifyInit is fast, so it is reasonable to pass a properly cast NULL_PTR for the surrender context:

B_ALGORITHM_METHOD *VERIFY_SAMPLE_CHOOSER[] = {
  &AM_SHA,
  &AM_RSA_DECRYPT,
  (B_ALGORITHM_METHOD *)NULL_PTR
};

if ((status = B_VerifyInit
       (digitalVerifier, publicKey, VERIFY_SAMPLE_CHOOSER,
        (A_SURRENDER_CTX *)NULL_PTR)) != 0)
  break;
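The chooser above pairs a digest method (AM_SHA) with a public-key recovery method (AM_RSA_DECRYPT); the sketch below shows the comparison that ties the two results together. It is an added example, not code from the manual or from Crypto-C, and it assumes the AI uses the PKCS #1 v1.5 block layout. build_block and check_block are hypothetical names and the digest is a constructed value.

```c
#include <stdio.h>
#include <string.h>

#define SHA1_LEN 20
/* DER DigestInfo prefix for SHA-1; the 20-byte digest follows it. */
static const unsigned char SHA1_PREFIX[15] = {
    0x30, 0x21, 0x30, 0x09, 0x06, 0x05, 0x2b, 0x0e,
    0x03, 0x02, 0x1a, 0x05, 0x00, 0x04, 0x14
};

/* Hypothetical helper: write 00 01 FF..FF 00 || prefix || digest into em[k]. */
int build_block(unsigned char *em, size_t k, const unsigned char *digest)
{
    size_t t_len = sizeof(SHA1_PREFIX) + SHA1_LEN;
    if (k < t_len + 11) return -1;          /* needs >= 8 bytes of FF */
    memset(em, 0xFF, k);
    em[0] = 0x00; em[1] = 0x01; em[k - t_len - 1] = 0x00;
    memcpy(em + k - t_len, SHA1_PREFIX, sizeof(SHA1_PREFIX));
    memcpy(em + k - SHA1_LEN, digest, SHA1_LEN);
    return 0;
}

/* Hypothetical helper: 0 if em (k bytes recovered with the public key)
 * is exactly the expected block for digest, nonzero otherwise. */
int check_block(const unsigned char *em, size_t k, const unsigned char *digest)
{
    unsigned char expect[512], diff = 0;
    size_t i;
    if (k > sizeof(expect) || build_block(expect, k, digest) != 0) return -1;
    /* Compare all k bytes: padding length and digest position are fixed
     * by k, so trailing bytes after the digest cannot be ignored. */
    for (i = 0; i < k; i++) diff |= em[i] ^ expect[i];
    return diff;
}

int main(void)
{
    unsigned char digest[SHA1_LEN], em[128];   /* constructed sample values */
    memset(digest, 0xAB, sizeof(digest));
    build_block(em, sizeof(em), digest);
    printf("intact block:   %d\n", check_block(em, sizeof(em), digest));
    em[127] ^= 0x01;                           /* one flipped digest bit */
    printf("tampered block: %d\n", check_block(em, sizeof(em), digest));
    return 0;
}
```

Rebuilding the expected block and comparing it whole rejects a recovered block whose padding is shortened to make room for extra bytes after the digest.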

Chapter 7 Public-Key Operations

RSA Security 5.2.2 manual Setting The Algorithm Object, If status = BVerifyInit