Chapter 9 Putting It All Together: An X9.31 Example 321
The X9.31 Sample Program
•For
digestMethodName
, use "sha1"; currently this is the only digest supported.
•For
formatMethodName
, use "formatX931"; currently this is the only format method
supported.
•formatParams
requires a pointer to an A_X931_PARAMS structure, which is defined as
follows:
The parameters are:
-
blockLen
: the smallest number of bytes you can use for your block.
Note that AI_SignVerify encodes the input data in blocks. Because of the
requirements of the underlying RSA algorithm, the number of bits of data
must be the same as the number of bits of the RSA modulus. However, the
input block size is measured in bytes. Because the modulus size, which is
stored in RSA_MODULUS_BITS, may not be an even number of bytes, you need
to calculate the smallest number of bytes you can use for your block. This
number is the integer part of (RSA_MODULUS_BITS + 7) / 8. For example, if your
modulus is 514 bits long, the smallest block size you can use is the integer
part of (514 + 7) / 8, or 65 bytes.
-
OIDNum:
the object identifier for the SHA1 hash algorithm. Currently this
always equals 3 (SHA) for X9.31.
-
OID
: the object identifier to use for BER encoding. The
OID
is only used when
“formatX932PKCS5” is specified in the
formatMethodName
of the
B_SIGN_VERIFY_PARAMS structure.
In this example, the
formatMethodName
is “formatX931”, so the BER encoding
of the
OID
is unnecessary and will be left undefined.
typedef struct {
unsigned int blockLen;
unsigned int oidNum;
ITEM OID;
} A_X931_PARAMS;
/* Step 2: Set the algorithm object to AI_SignVerify */
x931params.blockLen = ((RSA_MODULUS_BITS + 7) / 8);
x931params.oidNum = 3;