AI_SHA1WithRSAEncryptionBER

AI_SHA1WithRSAEncryptionBER

Purpose:

This AI is similar to AI_SHA1WithRSAEncryption except that it uses the ASN.1 BER format. This AI allows you to parse and create ASN.1 algorithm identifiers such as those used in PKCS #7 and other protocols. You call B_SetAlgorithmInfo to initialize an algorithm object from the encoded algorithm identifier. You call B_GetAlgorithmInfo with this AI to create an encoded algorithm identifier from an algorithm object that was created using AI_SHA1WithRSAEncryption or AI_SHA1WithRSAEncryptionBER. The OID for this algorithm, excluding the tag and length bytes, in decimal is “42, 134, 72, 134, 247, 13, 1, 1, 5”.

Type of information this allows you to use:

the encoding of an algorithm identifier that specifies RSA Security Inc.'s SHA1 With RSA signature algorithm that uses the SHA1 digest algorithm and the RSA algorithm to create and verify RSA digital signatures as defined in PKCS #1.

Note that in order to perform PKCS #1 digital signatures with a 20-byte digest, the RSA key must be at least 368 bits long.

Format of info supplied to B_SetAlgorithmInfo:

pointer to an ITEM structure that gives the address and length of the BER-encoded algorithm identifier. The encoding is converted to DER before it is copied to the algorithm object. B_SetAlgorithmInfo returns BE_WRONG_ALGORITHM_INFO if the algorithm identifier specifies an algorithm other than SHA1 With RSA Encryption.

Format of info returned by B_GetAlgorithmInfo:

pointer to an ITEM structure that gives the address and length of the DER-encoded algorithm identifier.

Crypto-C procedures to use with algorithm object:

B_SignInit, B_SignUpdate, B_SignFinal, B_VerifyInit, B_VerifyUpdate, and

B_VerifyFinal. You may pass (B_ALGORITHM_OBJ)NULL_PTR for all randomAlgorithm arguments.

2 3 4

R S A B S A F E C r y p t o - C L i b r a r y R e f e r e n c e M a n u a l

Page 244
Image 244
RSA Security 5 manual AISHA1WithRSAEncryptionBER