The X9.31 Sample Program
320 RSA BSAFE Crypto-C Developer’s Guide
Computing a Digital SignatureNow you can use the key pair to compute a digital signature. For X9.31, this is done
using AI_SignVerify. AI_SignVerify provides ANSI X9.31-compliant digital signing
and verification. The procedure to sign and verify using AI_SignVerify is similar to
the steps outlined in “RSA Digital Signatures” on page233. However, AI_SignVerify
is a little different because it is more general purpose than the other signing and
verifying AIs. Therefore, you have to set a parameter that determines the exact
algorithm and action you wish to use.
Assume that RSA_MODULUS_BITS gives the modulus size of the RSA key pair. The
proper AI to use for following the ANSI X9.31 standard for digital signatures is
AI_SignVerify. You must pass a pointer to a B_SIGN_VERIFY_PARAMS structure to
B_SetAlgorithmInfo. The structure, B_SIGN_VERIFY_PARAMS, is defined as follows:
For this application, set the parameters as follows:
•The possible values for
encryptionMethodName
are "rsaSignX931" or
"rsaVerifyX931". For signing, use "rsaSignX931".
•For
encryptionParams
and
digestParams
, pass a NULL_PTR.
/* ======================================================== */
printf ("\nComputing a Digital Signature \n");
printf ("============================= \n");
printf ("Input data: %s \n", inputData);
inputDataLen = (unsigned int)strlen (inputData);
printf ("Input data in hex: \n");
PrintBuf ((unsigned char *)inputData, inputDataLen);
/* Step 1: Create an algorithm object */
if ((status = B_CreateAlgorithmObject (&digitalSigner)) != 0)
break;
typedef struct {
unsigned char *encryptionMethodName;
POINTER encryptionParams;
unsigned char *digestMethodName;
POINTER digestParams;
unsigned char *formatMethodName;
POINTER formatParams;
} B_SIGN_VERIFY_PARAMS;