Airesetiv, Pointer to an Item | RSA Security 5 instruction

AI_RESET_IV

AI_RESET_IV

Purpose:

This AI allows you to change the initialization vector (IV) for a cipher object created with AI_FeedbackCipher without the need to create a new algorithm object or bind in a new key. This increases the performance of applications that have a long-lived symmetric key (for example, a DES key) that is used to encrypt many blocks or messages, each of which has a unique IV.

A similar AI that can be used to change the IV of a CBC mode cipher is AI_CBC_IV8.

Type of Information this allows you to use:

a new initialization vector to reset an encryption/decryption object defined with AI_FeedbackCipher.

Format of info supplied to B_SetAlgorithmInfo

a pointer to an ITEM of length equal to the old initialization vector.

Format of info returned by B_GetAlgorithmInfo returns

a pointer to an ITEM.

Algorithm methods to include in chooser

none.

Note: Reinitialization may be done anytime after an encryption/decryption session has been set with its algorithm info. It takes effect after the next initialization. It may be used in conjunction with a new key to start a new encryption/ decryption session.

2 0 6

R S A B S A F E C r y p t o - C L i b r a r y R e f e r e n c e M a n u a l

Image 216

RSA Security 5 manual Airesetiv, Pointer to an Item

Contents

Crypto-C Cryptographic Components for C Copyright Notice Contents Page N t e n t s Key Info Types 245 Details of Crypto-C Functions 289 Crypto-C Error Types 351 References 359 Index 361 Page Introduction Organization Crypto-C Environment Memory Management Code Example Break If status = BEncryptInit Code Example Algorithm Object As shown in , page 85, the format of info supplied to Key Object Bdemo Algorithm Chooser Defining an Algorithm Chooser Algorithm Chooser Surrender Function Non-zero Cancel operation SurrenderSurrender function callback must have the following form Continue with operation Item Structure Algorithm Info Types 1Sample Algorithm Type AIBSSecretSharing Pointer to a Bsecretsharingparams structure see above Output considerations AICBCIV8 AICBCIV16 On the algorithm object are undefined AIDESCBCBSAFE1 Pointer to a BBSAFE1ENCRYPTIONPARAMS structure see aboveFor all randomAlgorithm arguments Input constraints AIDESCBCIV8 Token-based algorithm methods Input that is a multiple of 8 bytes AIDESCBCPadBER Key info types for keyObject in BEncryptInit or BDecryptInit AIDESCBCPadIV8 AIDESCBCPadBER, AIDESCBCPadPEM AIDESCBCPadPEM AIDESCBCPadIV8, AIDESCBCPadBER AIDESEDE3CBCIV8 Decryption Token-based algorithm methods AIDESEDE3CBCPadBER AIDESEDE3CBCPadIV8 AIDESEDE3CBCPadIV8 AIDESEDE3CBCPadBER AIDESXCBCBSAFE1 Input constraints AIDESXCBCIV8 Key info types for keyObject in BEncryptInit or BDecryptInit AIDESXCBCPadBER AIDESXCBCPadIV8 AIDESXCBCPadIV8 AIDESXCBCPadBER AIDHKeyAgree Pointer to an Adhkeyagreeparams structure Initialized random algorithm to BKeyAgreePhase1 AIDHKeyAgreeBER AIDHKeyAgree AIDHParamGen Pointer to an Adhparamgenparams structureExponentBits must be less than primeBits Pointer to an Adhparamgenparams structure see above Aidsa Key info types for keyObject in BVerifyInit Input constraints AIDSAKeyGen Pointer to an Adsaparams structurePointer to an Adsaparams structure see above Amdsakeygen AIDSAParamGen Pointer to a Bdsaparamgenparams structurePointer to a Bdsaparamgenparams structure see above Size of the subprime is always 160 bits AIDSAWithSHA1 AIDSAWithSHA1BER AIDSAWithSHA1BER AIDSAWithSHA1 AIECAcceleratorTable Pointer to an Item holding the accelerator tableNone AIECBuildAcceleratorTable Pointer to a Becparams structure An Aecparams structure Size of the accelerator table may be found through a call to AIECBuildPubKeyAccelTable Crypto-C procedures to use with algorithm object AIECDHKeyAgree AIECDHKeyAgree Aiecdsa KIECPrivate or KIECPrivateBER AIECDSAWithDigest Pointer to a Bdigestspecifier structure Key info types for keyObject in BSignInit Aieces AIECKeyGen Characteristic AIECParameters Pointer to an Aecparams structure Set the arguments as follows Argument Values Comments Possible values for FTX962NAMEDCURVETYPE are FTX962NAMEDCURVETYPE Pointer to an Aecparams structure see above AIECParametersBER AIECParametersBER AIECParamGen Pointer to a Becparamgenparams structure Pointer to a Becparamgenparams structure see above FieldType = FTF2ONB Crypto-C procedures to use with algorithm object AIECPubKey Pointer to an Aecpublickey structure Can get this info type if algorithm object already has AIECPubKeyBER AIFeedbackCipher Descriptor for block ciphers with feedback, as definedPointer to a structure of type Bblkcipherwfeedbackparams Type of padding schemes available AIFeedbackCipher 2Algorithm methods for feedback modes CFB modes require a Bcfbparams structure Depends on cipher type, as follows Compatible representations Aihmac Output considerations Other procedures AIHWRandomRandom bytes generated by your hardware device Where Akeypairdefiner is defined by AIKeypairTokenGenPointer to an Akeypairspecifier structure Pointer to an Akeypairspecifier structure see above Key-pair generation AM specified by cipherName Aimac Aimd Message digest MD algorithm as defined by BsafeOutput of BDigestFinal will be 16 bytes long AIMD2 MD2 message digest algorithm as defined in RFC Output considerations AIMD2BER A p t e r 2 a l g o r i t h m I n f o Ty p e s 101 AIMD2PEM A p t e r 2 a l g o r i t h m I n f o Ty p e s 103 AIMD2Random AIMD2WithDESCBCPad Pointer to a Bpbeparams structurePointer to a Bpbeparams structure see above KIItem that gives the password AIMD2WithDESCBCPadBER AIMD2WithDESCBCPad AIMD2WithRC2CBCPad Pointer to a BRC2PBEPARAMS structure Pointer to a BRC2PBEPARAMS structure see above AIMD2WithRC2CBCPadBER AIMD2WithRC2CBCPad AIMD2WithRSAEncryption KIRSAPublic, KIRSAPublicBER, or KIRSAPublicBSAFE1 AIMD2WithRSAEncryptionBER AIMD2WithRSAEncryption AIMD5 MD5 message digest algorithm as defined in RFC AIMD5BER A p t e r 2 a l g o r i t h m I n f o Ty p e s 119 AIMD5PEM A p t e r 2 a l g o r i t h m I n f o Ty p e s 121 AIMD5Random MD5-Random algorithm for generating pseudo-random numbers AIMD5WithDESCBCPad AIMD5WithDESCBCPadBER AIMD5WithDESCBCPadBER AIMD5WithDESCBCPad AIMD5WithRC2CBCPad AIMD5WithRC2CBCPadBER A p t e r 2 a l g o r i t h m I n f o Ty p e s 129 AIMD5WithRC2CBCPadBER A p t e r 2 a l g o r i t h m I n f o Ty p e s 131 AIMD5WithRSAEncryption A p t e r 2 a l g o r i t h m I n f o Ty p e s 133 AIMD5WithRSAEncryptionBER A p t e r 2 a l g o r i t h m I n f o Ty p e s 135 AIMD5WithXOR A p t e r 2 a l g o r i t h m I n f o Ty p e s 137 AIMD5WithXORBER A p t e r 2 a l g o r i t h m I n f o Ty p e s 139 Pkcs Oaep RSA Parameter Default Value Default Params AIPKCSOAEPRSAPrivate Pointer to an Apkcsoaepparams structure Format of info supplied to BGetAlgorithmInfo A p t e r 2 a l g o r i t h m I n f o Ty p e s 143 AIPKCSOAEPRSAPrivateBER Simple DER encoding for the default algorithm General syntax is Sequence Following procedures perform Oaep padding with encryption Pkcs Oaep RSA Parameter Default Value Default Parameters AIPKCSOAEPRSAPublic A p t e r 2 a l g o r i t h m I n f o Ty p e s 149 Amrsaencrypt A p t e r 2 a l g o r i t h m I n f o Ty p e s 151 AIPKCSOAEPRSAPublicBER A p t e r 2 a l g o r i t h m I n f o Ty p e s 153 Sequence A p t e r 2 a l g o r i t h m I n f o Ty p e s 155 Input constraints Following parameters are employed when Nullptr is specified AIPKCSOAEPRecodeEither Pointer to an Apkcsoaepparams structure A p t e r 2 a l g o r i t h m I n f o Ty p e s 159 AIPKCSOAEPRecodeBER AIPKCSOAEPRecodeBER General syntax is A p t e r 2 a l g o r i t h m I n f o Ty p e s 163 Format of info supplied to BGetAlgorithmInfo A p t e r 2 a l g o r i t h m I n f o Ty p e s 165 AIPKCSRSAPrivate A p t e r 2 a l g o r i t h m I n f o Ty p e s 167 AIPKCSRSAPrivateBER A p t e r 2 a l g o r i t h m I n f o Ty p e s 169 AIPKCSRSAPrivatePEM A p t e r 2 a l g o r i t h m I n f o Ty p e s 171 AIPKCSRSAPublic Amrsaencrypt for encryption or Amrsadecrypt for decryption A p t e r 2 a l g o r i t h m I n f o Ty p e s 173 AIPKCSRSAPublicBER Amrsaencrypt for encryption and Amrsadecrypt for decryption AIPKCSRSAPublicPEM A p t e r 2 a l g o r i t h m I n f o Ty p e s 177 AIRC2CBC Pointer to an ARC2CBCPARAMS structurePointer to an ARC2CBCPARAMS structure see above When used with one of the should be used with AIRC2CBCBSAFE1 A p t e r 2 a l g o r i t h m I n f o Ty p e s 181 AIRC2CBCPad A p t e r 2 a l g o r i t h m I n f o Ty p e s 183 AIRC2CBCPadBER A p t e r 2 a l g o r i t h m I n f o Ty p e s 185 AIRC2CBCPadPEM A p t e r 2 a l g o r i t h m I n f o Ty p e s 187 AIRC4 RC4 encryption algorithmAMRC4ENCRYPT for encryption and AMRC4DECRYPT for decryption KIItem that gives the address and length of the RC4 key A p t e r 2 a l g o r i t h m I n f o Ty p e s 189 AIRC4BER A p t e r 2 a l g o r i t h m I n f o Ty p e s 191 AIRC4WithMAC Pointer to a BRC4WITHMACPARAMS structurePointer to a BRC4WITHMACPARAMS structure see above A p t e r 2 a l g o r i t h m I n f o Ty p e s 193 AIRC4WithMACBER A p t e r 2 a l g o r i t h m I n f o Ty p e s 195 AIRC5CBC Pointer to an ARC5CBCPARAMS structurePointer to an ARC5CBCPARAMS structure see above AIRC5CBC may be used to access the hardware-related Bhapi KIItem, that gives the address and length of the RC5 key AIRC5CBCPad A p t e r 2 a l g o r i t h m I n f o Ty p e s 199 AIRC5CBCPadBER KIItem, which gives the address and length of the RC5 key AIRC6CBC Pointer to an ARC6CBCPARAMS structurePointer to an ARC6CBCPARAMS structure see above KIItem, that gives the address and length of the RC6 key AIRC6CBCPad Pointer to an ARC6CBCPARAMS structure A p t e r 2 a l g o r i t h m I n f o Ty p e s 205 Airesetiv Pointer to an Item AIRFC1113Recode AIRSAKeyGen Pointer to an Arsakeygenparams structure A p t e r 2 a l g o r i t h m I n f o Ty p e s 209 AIRSAPrivate RSA algorithm for performing raw private-key encryption AIRSAPrivate may include the hardware algorithm method AIRSAPrivateBSAFE1 Integer at the beginning of the buffer AIRSAPublic RSA algorithm for performing raw public-key decryption A p t e r 2 a l g o r i t h m I n f o Ty p e s 215 AIRSAPublicBSAFE1 A p t e r 2 a l g o r i t h m I n f o Ty p e s 217 AIRSAStrongKeyGen A p t e r 2 a l g o r i t h m I n f o Ty p e s 219 For the randomAlgorithm argument in BDecryptUpdate AISETOAEPRSAPrivate Input considerations AISETOAEPRSAPublic A p t e r 2 a l g o r i t h m I n f o Ty p e s 223 AISHA1 Output of BDigestFinal will be 20 bytes long AISHA1BER AISHA1 AISHA1Random AISHA1WithDESCBCPad KIItem that gives the address and length of the password AISHA1WithDESCBCPadBER A p t e r 2 a l g o r i t h m I n f o Ty p e s 231 AISHA1WithRSAEncryption A p t e r 2 a l g o r i t h m I n f o Ty p e s 233 AISHA1WithRSAEncryptionBER A p t e r 2 a l g o r i t h m I n f o Ty p e s 235 AISignVerify Pointer to a Bsignverifyparams structureSet the arguments for Bsignverifyparams as follows Set the arguments for AX931PARAMS as follows Pointer to a Bsignverifyparams structure see aboveAX931PARAMS Key info types for keyObject in BSignInit or BVerifyInit AISymKeyTokenGen AISymKeyTokenGen AIX931Random Seed Bsafe procedures to use with algorithm object AIX962RandomV0 SHA1 pseudo-random generator as definedPointer to an Asharandomparams structure Amsharandom Key Info Types 1Sample Key Info Type KI8Byte Pointer to an unsigned char array that holds the 8 bytes KI24Byte Byte value for symmetric keys such as DesedePointer to an unsigned char array that holds the 24 bytes KI24Byte, KIItem if the length of the Item is 24, Kidesx KIDES8 KIDES8Strong KIDES24Strong KIDESBSAFE1 Bsafe 1.x encoding of a DES key Kidesx Pointer to an Adesxkey structure KIDESXBSAFE1 Bsafe 1.x encoding of a Desx key Where Adsaparams is defined as KIDSAPrivatePointer to an Adsaprivatekey structure KIDSAPrivate, KIDSAPrivateBER, or KIDSAPrivateX957BER KIDSAPrivateBER KIDSAPrivateX957BER KIDSAPublic Pointer to an Adsapublickey structure KIDSAPublic, KIDSAPublicBER, KIDSAPublicX957BER KIDSAPublicBER KIDSAPublicX957BER KIECPrivate Pointer to an Aecprivatekey structure KIECPrivateBER KIECPrivateComponent An elliptic curve private key without its curve parameters KIECPrivateComponentBER KIECPublic KIECPublicBER KIECPublicComponent An elliptic curve public key without its curve parameters KIECPublicComponentBER Where AX509ATTRIBINFO is defined by KIExtendedTokenPointer to a Kiextendedtokeninfo structure Pointer to a Kiextendedtokeninfo structure see above KIItem Pointer to an Item structurePointer to an Item structure see above KIKeypairToken Pointer to a Kikeypairtokeninfo structureAkeypairdefiner is defined by For KIPKCSRSAPrivate Pointer to an Apkcsrsaprivatekey structure A p t e r 3 K e y I n f o Ty p e s 277 KIPKCSRSAPrivateBER KIRC2BSAFE1 KIRC2WithBSAFE1Params Kirsacrt Pointer to an Arsacrtkey structure KIRSAPrivate Pointer to an Arsakey structure A p t e r 3 K e y I n f o Ty p e s 283 KIRSAPrivateBSAFE1 Bsafe 1.x encoding of an RSA private key KIRSAPublic Arsakey KIRSAPublicBER KIRSAPublicBSAFE1 Bsafe 1.x encoding of an RSA public key KIToken Pointer to a Kitokeninfo structurePointer to a Kitokeninfo structure see above Details of Crypto-C Functions BBuildTableFinal Int BBuildTableFinal BBuildTableGetBufSize Int BBuildTableGetBufSize BBuildTableInit BCreateAlgorithmObject Int BCreateAlgorithmObject BCreateKeyObject Int BCreateKeyObject BCreateSessionChooser Int BCreateSessionChooser BDecodeDigestInfo Int BDecodeDigestInfo BDecodeFinal Int BDecodeFinal BDecodeInit Int BDecodeInit BDecodeUpdate Int BDecodeUpdate BDecryptFinal Int BDecryptFinal BDecryptInit BDecryptUpdate Int BDecryptUpdate There is no return value Void BDestroyAlgorithmObject BDestroyKeyObject Void BDestroyKeyObject BDigestFinal Int BDigestFinal BDigestInit Int BDigestInit BDigestUpdate Int BDigestUpdate BEncodeDigestInfo Int BEncodeDigestInfo BEncodeFinal Int BEncodeFinal BEncodeInit Int BEncodeInit BEncodeUpdate Int BEncodeUpdate BEncryptFinal Int BEncryptFinal BEncryptInit BEncryptUpdate Int BEncryptUpdate BFreeSessionChooser Int BFreeSessionChooser BGenerateInit BGenerateKeypair Int BGenerateKeypair BGenerateParameters Int BGenerateParameters BGenerateRandomBytes Int BGenerateRandomBytes BGetAlgorithmInfo Int BGetAlgorithmInfo BGetExtendedErrorInfo Void BGetExtendedErrorInfo BGetKeyExtendedErrorInfo Void BGetKeyExtendedErrorInfo BGetKeyInfo Int BGetKeyInfo BIntegerBits BKeyAgreeInit BKeyAgreePhase1 Int BKeyAgreePhase1 BKeyAgreePhase2 Int BKeyAgreePhase2 BRandomInit Int BRandomInit BRandomUpdate Int BRandomUpdate BSetAlgorithmInfo Int BSetAlgorithmInfo BSetKeyInfo Int BSetKeyInfo BSignFinal BSignInit Int BSignInit BSignUpdate BSymmetricKeyGenerate Int BSymmetricKeyGenerate BSymmetricKeyGenerateInit Initializes key generation objectInt BSymmetricKeyGenerateInit BVerifyFinal Int BVerifyFinal BVerifyInit Int BVerifyInit BVerifyUpdate Int BVerifyUpdate Tfree Void Tfree Tmalloc Tmemcmp Blocks are equal Tmemcpy Tmemmove Void Tmemmove Tmemset Trealloc Pointer Trealloc Tstrcmp Int Tstrcmp Tstrcpy Destination string Tstrlen Number of characters in the string Tstrlen Crypto-C Error Types Crypto-C Error Types P e n d i x a C r y p t o C Error Ty p e s 353 Page Pointer UINT2UINT2 value is a 16-bit unsigned integer UINT4 UINT4 value is a 32-bit unsigned integer Example Otherwise Protolist should be defined as Crypto-C defines one string constant BsafeversionPage National Bureau of Standards. Fips Publication 46-1 Data Operation. DecemberP1363 Draft D1 December 209 509X9.31 X9.44 Draft Index AMMD2RANDOM D e 363 Page D e 365