AI_DES_EDE3_CBCPadBER

AI_DES_EDE3_CBCPadBER

Purpose:

This AI is similar to AI_DES_EDE3_CBCPadIV8 except that it uses the ASN.1 BER format. This AI allows you to parse and create ASN.1 algorithm identifiers such as used in PKCS #7 and other protocols. You call B_SetAlgorithmInfo to initialize an algorithm object from the encoded algorithm identifier that includes the initialization vector. You call B_GetAlgorithmInfo with this AI to create an encoded algorithm identifier from an algorithm object that was created using AI_DES_EDE3_CBC_PadIV8 or AI_DES_EDE3_CBCPadBER. The OID for this algorithm, excluding the tag and length bytes, in decimal, is “42, 134, 72, 134, 247, 13, 3, 7”. Also see AI_DES_EDE3_CBCPadIV8.

Type of information this allows you to use:

the encoding of an algorithm identifier that specifies the DES-EDE3-CBC encryption algorithm, with padding scheme defined in PKCS #5.

Format of info supplied to B_SetAlgorithmInfo:

pointer to an ITEM structure that gives the address and length of the BER-encoded algorithm identifier. The encoding is converted to DER before it is copied to the algorithm object. B_SetAlgorithmInfo returns BE_WRONG_ALGORITHM_INFO if the algorithm identifier specifies an algorithm other than DES-EDE3-CBC With Padding.

Format of info returned by B_GetAlgorithmInfo:

pointer to an ITEM structure that gives the address and length of the DER-encoded algorithm identifier.

Crypto-C procedures to use with algorithm object:

B_EncryptInit, B_EncryptUpdate, B_EncryptFinal, B_DecryptInit,

B_DecryptUpdate, and B_DecryptFinal. You may pass (B_ALGORITHM_OBJ)NULL_PTR for all randomAlgorithm arguments.

Algorithm methods to include in application’s algorithm chooser:

AM_DES_EDE3_CBC_ENCRYPT for encryption and AM_DES_EDE3_CBC_DECRYPT for

decryption.

C h a p t e r 2 A l g o r i t h m I n f o Ty p e s

33

Page 42 Page 44
Page 43
Image 43
RSA Security 5 manual AIDESEDE3CBCPadBER
Page 42 Page 44
Top Page Image Contents