Chapter 2 Algorithm Info Types 229
AI_SHA1WithDES_CBCPad
RSA Security Inc. recommends a minimum iteration count of 1,000. However, for an
additional byte or two of security the iteration should be 28 to 216.
Format of info returned by B_GetAlgorithmInfo:
pointer to a B_PBE_PARAMS structure (see above).
Crypto-C procedures to use with algorithm object:
B_EncryptInit, B_EncryptUpdate, B_EncryptFinal, and B_DecryptInit,
B_DecryptUpdate, and B_DecryptFinal. You may pass (B_ALGORITHM_OBJ)NULL_PTR
for all
randomAlgorithm
arguments.
Algorithm methods to include in application’s algorithm chooser:
AM_SHA and AM_DES_CBC_ENCRYPT for encryption or AM_DES_CBC_DECRYPT for
decryption.
Key info types for keyObject in B_EncryptInit or B_DecryptInit:
KI_Item that gives the address and length of the password.
Compatible representation:
AI_SHA1WithDES_CBCPadBER.
Output considerations:
During encryption, this AI pads the output (which DES requires to be a multiple of 8
bytes long). Thus, the total number of output bytes from encryption can be as many as
8 bytes more than the total input.