AI_SHA1WithDES_CBCPad

RSA Security Inc. recommends a minimum iteration count of 1,000. However, for an additional byte or two of security the iteration should be 28 to 216.

Format of info returned by B_GetAlgorithmInfo:

pointer to a B_PBE_PARAMS structure (see above).

Crypto-C procedures to use with algorithm object:

B_EncryptInit, B_EncryptUpdate, B_EncryptFinal, and B_DecryptInit,

B_DecryptUpdate, and B_DecryptFinal. You may pass (B_ALGORITHM_OBJ)NULL_PTR for all randomAlgorithm arguments.

Algorithm methods to include in application’s algorithm chooser:

AM_SHA and AM_DES_CBC_ENCRYPT for encryption or AM_DES_CBC_DECRYPT for

decryption.

Key info types for keyObject in B_EncryptInit or B_DecryptInit:

KI_Item that gives the address and length of the password.

Compatible representation:

AI_SHA1WithDES_CBCPadBER.

Output considerations:

During encryption, this AI pads the output (which DES requires to be a multiple of 8 bytes long). Thus, the total number of output bytes from encryption can be as many as 8 bytes more than the total input.

C h a p t e r 2 A l g o r i t h m I n f o Ty p e s

229

Page 238 Page 240
Page 239
Image 239
RSA Security 5 manual Pointer to a Bpbeparams structure see above, KIItem that gives the address and length of the password
Page 238 Page 240
Top Page Image Contents