AI_KeypairTokenGen

AI_KeypairTokenGen

Purpose:

This AI allows you to generate the token form of a public/private key pair with a hardware device.

Type of information this allows you to use:

the parameters for generating the token form of a public/private key pair. The BSAFE Hardware API (BHAPI) supports token forms of RSA strong key pair generation as defined in PKCS #1 and DSA key pair generation as defined in FIPS PUB 186.

Format of info supplied to B_SetAlgorithmInfo:

pointer to an A_KEYPAIR_SPECIFIER structure:

typedef struct {

 

 

A_KEYPAIR_DEFINER privateKeyDef;

/* Specifications for private key */

A_KEYPAIR_DEFINER publicKeyDef;

/* Specifications for public key */

POINTER

keyParams; /* Points to RSA params in RSA case, i.e., */

 

 

/* A_RSA_KEY_GEN_PARAMS. */

 

 

/* Points to DSA params in DSA case. */

unsigned char

*cipherName;

/* String tag for key's cipher class */

 

 

/* Either “rsa” or “dsa” to tag */

}A_KEYPAIR_SPECIFIER;

where A_KEYPAIR_DEFINER is defined by:

typedef struct

{

 

 

 

unsigned int

keyUsage;

/* X509

key

usage bit map */

UINT4

lifeTime;

/* Key lifetime; under

consideration */

unsigned int

protectFlag;

/* Store key

in encrypted form */

} A_KEYPAIR_DEFINER;

Format of info returned by B_GetAlgorithmInfo:

pointer to an A_KEYPAIR_SPECIFIER structure (see above).

9 4

R S A B S A F E C r y p t o - C L i b r a r y R e f e r e n c e M a n u a l

Page 104
Image 104
RSA Security 5 manual AIKeypairTokenGen, Pointer to an Akeypairspecifier structure, Where Akeypairdefiner is defined by