AI_MD2WithRSAEncryption

Key info types for keyObject in B_SignInit:

KI_RSA_CRT, KI_PKCS_RSAPrivate, KI_PKCS_RSAPrivateBER, KI_RSAPrivate or KI_RSAPrivateBSAFE1. Unless you use KI_RSA_CRT for your KI, you must include AM_RSA_ENCRYPT in your application’s algorithm chooser.

Key info types for keyObject in B_VerifyInit:

KI_RSAPublic, KI_RSAPublicBER, or KI_RSAPublicBSAFE1.

Compatible representation:

AI_MD2WithRSAEncryptionBER.

Output considerations:

The signature result of B_SignFinal will be the same size as the RSA key’s modulus.

Notes:

Although the RSA signature operation is called “encryption” and the verification operation is called “decryption”, the signer uses the digest and the private key and follows the steps needed to decrypt, while the verifier uses the transmitted digest and the public key and follows the steps needed to encrypt.

1 1 4

R S A B S A F E C r y p t o - C L i b r a r y R e f e r e n c e M a n u a l

Page 124
Image 124
RSA Security 5 manual KIRSAPublic, KIRSAPublicBER, or KIRSAPublicBSAFE1