Chapter 2 Algorithm Info Types 35
AI_DES_EDE3_CBCPadIV8
AI_DES_EDE3_CBCPadIV8Purpose:
This AI allows you to perform three-key DES in encrypt-decrypt-encrypt mode as
defined in ANSI X9.17 using the outer-CBC mode. This AI is initialized with an 8-byte
IV and operates on data that is of any byte length. The padding mode is PKCS #5,
which makes the ciphertext 1 to 8 bytes longer than the plaintext. See
AI_DES_EDE3_CBC_IV8 for the same algorithm type with no padding. See
AI_DES_EDE3_CBCPadBER for the same algorithm type with BER encoding.
Type of information this allows you to use:
an 8-byte initialization vector for the DES-EDE3-CBC encryption algorithm, with
padding scheme defined in PKCS #5.
Format of info supplied to B_SetAlgorithmInfo:
pointer to an unsigned char array that holds the 8 bytes of the initialization vector.
Format of info returned by B_GetAlgorithmInfo:
pointer to an unsigned char array that holds the 8 bytes of the initialization vector.
Crypto-C procedures to use with algorithm object:
B_EncryptInit, B_EncryptUpdate, B_EncryptFinal, B_DecryptInit,
B_DecryptUpdate, and B_DecryptFinal. You may pass (B_ALGORITHM_OBJ)NULL_PTR
for all
randomAlgorithm
arguments.
Algorithm methods to include in application’s algorithm chooser:
AM_DES_EDE3_CBC_ENCRYPT for encryption and AM_DES_EDE3_CBC_DECRYPT for
decryption.
Key info types for keyObject in B_EncryptInit or B_DecryptInit:
KI_DES24Strong, KI_24Byte, or KI_Item (if the length of the ITEM is 24).