Chapter 2 Algorithm Info Types 33
AI_DES_EDE3_CBCPadBER
AI_DES_EDE3_CBCPadBERPurpose:
This AI is similar to AI_DES_EDE3_CBCPadIV8 except that it uses the ASN.1 BER
format. This AI allows you to parse and create ASN.1 algorithm identifiers such as
used in PKCS #7 and other protocols. You call B_SetAlgorithmInfo to initialize an
algorithm object from the encoded algorithm identifier that includes the initialization
vector. You call B_GetAlgorithmInfo with this AI to create an encoded algorithm
identifier from an algorithm object that was created using AI_DES_EDE3_CBC_PadIV8
or AI_DES_EDE3_CBCPadBER. The OID for this algorithm, excluding the tag and length
bytes, in decimal, is “42, 134, 72, 134, 247, 13, 3, 7”. Also see
AI_DES_EDE3_CBCPadIV8.
Type of information this allows you to use:
the encoding of an algorithm identifier that specifies the DES-EDE3-CBC encryption
algorithm, with padding scheme defined in PKCS #5.
Format of info supplied to B_SetAlgorithmInfo:
pointer to an ITEM structure that gives the address and length of the BER-encoded
algorithm identifier. The encoding is converted to DER before it is copied to the
algorithm object. B_SetAlgorithmInfo returns BE_WRONG_ALGORITHM_INFO if the
algorithm identifier specifies an algorithm other than DES-EDE3-CBC With Padding.
Format of info returned by B_GetAlgorithmInfo:
pointer to an ITEM structure that gives the address and length of the DER-encoded
algorithm identifier.
Crypto-C procedures to use with algorithm object:
B_EncryptInit, B_EncryptUpdate, B_EncryptFinal, B_DecryptInit,
B_DecryptUpdate, and B_DecryptFinal. You may pass (B_ALGORITHM_OBJ)NULL_PTR
for all
randomAlgorithm
arguments.
Algorithm methods to include in application’s algorithm chooser:
AM_DES_EDE3_CBC_ENCRYPT for encryption and AM_DES_EDE3_CBC_DECRYPT for
decryption.