Chapter 2 Algorithm Info Types 233
AI_SHA1WithRSAEncryption
Key info types for keyObject in B_SignInit:
KI_RSA_CRT, KI_PKCS_RSAPrivate, KI_PKCS_RSAPrivateBER, KI_RSAPrivate or
KI_RSAPrivateBSAFE1. Unless you use KI_RSA_CRT for your KI, you must include
AM_RSA_ENCRYPT in your application’s algorithm chooser.
Key info types for keyObject in B_VerifyInit:
KI_RSAPublic, KI_RSAPublicBER or KI_RSAPublicBSAFE1.
Compatible representation:
AI_SHA1WithRSAEncryptionBER.
Output considerations:
The signature result of B_SignFinal will be the same size as the RSA key’s modulus.
Notes:
Although the RSA signature operation is called “encryption” and the verification
operation is called “decryption”, the signer uses the digest and the private key and
follows the steps needed to decrypt, while the verifier uses the transmitted digest and
the public key and follows the steps needed to encrypt.