
AI_KeypairTokenGen

Crypto-C procedures to use with algorithm object:

B_GenerateInit and B_GenerateKeypair. If hardware is present, B_GenerateKeypair sets the publicKeyDef and privateKeyDef key objects with the public and private key information from KI_Token. If no hardware is present, and software emulation methods have been included in the hardware chooser, B_GenerateKeypair sets the publicKeyDef and privateKeyDef key objects with the public and private key information from KI_KeypairToken. You must pass an initialized random algorithm to B_GenerateKeypair unless the hardware manufacturer has implemented it internally; in that case, pass a properly cast NULL_PTR.

Algorithm methods to include in application’s algorithm chooser:

The key-pair generation AM specified by cipherName:

cipherName    Algorithm methods to include in chooser

“dsa”         AM_DSA_KEY_TOKEN_GEN

“rsa”         AM_RSA_KEY_TOKEN_GEN

Notes:

Can only be used in conjunction with a hardware implementation or software emulation. AI_KeypairTokenGen can only be used if you have called B_CreateSessionChooser for your application.

The corresponding software-emulation methods passed to B_CreateSessionChooser via the HARDWARE_CHOOSER list are a HW_TABLE_ENTRY SF_RSA_KEY_TOKEN_GEN for RSA keys and a HW_TABLE_ENTRY SF_DSA_KEY_TOKEN_GEN for DSA keys. These provide software support if hardware is unavailable. These methods can be utilized only by including the software chooser inside the hardware chooser table.

At B_GenerateInit the key-generation object is bound to the hardware device, if one is available. If no hardware device is present, the key-generation object is bound to the software-emulation method if it has been included in the hardware chooser; it defaults to the null method otherwise. For example, for an RSA key token, if no hardware is present, the key-generation object is bound to SF_RSA_KEY_TOKEN_GEN if it is included in the hardware chooser and defaults to AM_RSA_KEY_TOKEN_GEN otherwise.

Chapter 2 Algorithm Info Types
