RSA Security manual Algorithm Object, As shown in , page 85, the format of info supplied to

The Algorithm Object

The Algorithm Object

In the above code example, B_EncryptInit, B_EncryptUpdate, and B_EncryptFinal use an algorithm object called desAlgorithm. An algorithm object holds information about an algorithm’s parameters (for example, the DES initialization vector), and keeps a context during a cryptographic operation (for example, DES encryption).

Before Crypto-C can use an algorithm object, you must create and set it with B_CreateAlgorithmObject and B_SetAlgorithmInfo.

Every algorithm object that is created by B_CreateAlgorithmObject must be destroyed by B_DestroyAlgorithmObject. For security reasons, when Crypto-C destroys an algorithm object, it zeroizes (sets to zero) and freezes any sensitive memory that the object allocated. Note that you can use an algorithm object for either encryption or decryption, but not for both. You must create separate algorithm objects to handle each case. Once you set an algorithm, do not reset it. In other words, once you call B_SetAlgorithmInfo for a particular algorithm object, do not call it again for the same object until that object has been destroyed and recreated.

As shown in Chapter 4, page 330, B_SetAlgorithmInfo has three input arguments, algorithmObject, infoType, and info.algorithmObject is the name of the algorithm object you are setting. infoType is one of the algorithm info types (AIs) listed in Chapter 2. The AI specifies which algorithm to use, such as DES-CBC, as well as the format of the actual algorithm information supplied by info.

As shown in Chapter 2, page 85, the format of info supplied to

for AI_FeedbackCipher is a pointer to a B_BLK_CIPHER_W_FEEDBACK_PARAMS structure that holds the necessary information for the encryption object. This data includes the encryption method name (“des”), the feedback method name (“cbc”), and a pointer to an ITEM structure that contains the 8 bytes of the initialization vector (iv), which seeds the process. In the preceding example, the data in the ITEM structure is the iv input argument to EncryptData.