AI_SHA1WithRSAEncryption

AI_SHA1WithRSAEncryption

Purpose:

This AI allows you to perform signature operations that involve the SHA1 digest algorithm and RSA public key algorithm. The digest of a message is created using the SHA1 algorithm, and then it is signed using PKCS#1 digital signature algorithm. Other algorithms that can be used for the same purpose are AI_MD2WithRSAEncryption and AI_MD5WithRSAEncryption.

Type of information this allows you to use:

RSA Security Inc.'s SHA1 With RSA signature algorithm that uses the SHA1 digest algorithm and the RSA algorithm to create and verify RSA digital signatures as defined in PKCS #1.

Note that in order to perform PKCS #1 digital signatures with a 20-byte digest, the RSA key must be at least 368 bits long.

Format of info supplied to B_SetAlgorithmInfo:

NULL_PTR.

Format of info returned by B_GetAlgorithmInfo:

NULL_PTR.

Crypto-C procedures to use with algorithm object:

B_SignInit, B_SignUpdate, B_SignFinal, B_VerifyInit, B_VerifyUpdate, and

B_VerifyFinal. You may pass (B_ALGORITHM_OBJ)NULL_PTR for all randomAlgorithm arguments.

Algorithm methods to include in application’s algorithm chooser:

AM_MD2, and AM_RSA_CRT_ENCRYPT, AM_RSA_CRT_ENCRYPT_BLIND, or AM_RSA_ENCRYPT,

for signature creation; and AM_RSA_DECRYPT for signature verification.

AM_RSA_CRT_ENCRYPT_BLIND performs blinding to protect against timing attacks, whereas AM_RSA_CRT_ENCRYPT does not.

2 3 2

R S A B S A F E C r y p t o - C L i b r a r y R e f e r e n c e M a n u a l

Page 241 Page 243
Page 242
Image 242
RSA Security 5 manual AISHA1WithRSAEncryption
Page 241 Page 243
Top Page Image Contents