RSA Security Projection Television 5.2.2 Uživatelský manuál Strana 204
- Strana / 376
- Tabulka s obsahem
- KNIHY
Hodnocené. / 5. Na základě hodnocení zákazníků
Block Ciphers
182 RSA BSAFE Crypto-C Developer’s Guide
Now that you have a key, you need an algorithm chooser and a surrender context.
This is a speedy function, so you can use a properly cast
NULL_PTR for the surrender
context; but you do want to build a chooser:
Step 4: Update
Enter the data to encrypt with B_EncryptUpdate. The Reference Manual Chapter 2 entry
for
AI_FeedbackCipher states that you may pass (B_ALGORITHM_OBJ)NULL_PTR for all
randomAlgorithm
arguments. Once you have your input, call B_EncryptUpdate.
Remember that DES is a block cipher and requires input that is a multiple of eight
bytes. Because you set
fbParams.paddingMethodName
to "pad" (see page 180), Crypto-
C will pad to make the input a multiple of eight bytes. That means that the output
buffer should be at least eight bytes longer than the input length. DES is a fast
algorithm, so for small amounts of data it is reasonable to pass a properly cast
NULL_PTR for the surrender context. If you want to pass a surrender context, refer to
the following code sample:
B_ALGORITHM_METHOD *DES_CBC_CHOOSER[] = {
&AM_CBC_ENCRYPT,
&AM_DES_ENCRYPT,
&AM_SHA_RANDOM,
(B_ALGORITHM_METHOD *)NULL_PTR
};
if ((status = B_EncryptInit
(encryptionObject, desKey, DES_CBC_CHOOSER,
(A_SURRENDER_CTX *)NULL_PTR)) != 0)
break;
static char *dataToEncrypt = "Encrypt this sentence.";
unsigned char *encryptedData = NULL_PTR;
unsigned int outputBufferSize;
unsigned int outputLenUpdate, outputLenFinal;
unsigned int encryptedDataLen;
encryptedDataLen = dataToEncryptLen + 8;
encryptedData = T_malloc (encryptedDataLen);
if ((status = (encryptedData == NULL_PTR)) != 0)
break;
- Crypto-C 1
- First printing: May 2001 2
- Contents 3
- Quick Start 7 4
- Cryptography 35 4
- Using Crypto-C 101 6
- Symmetric-Key Operations 177 8
- Public-Key Operations 213 8
- Secret Sharing Operations 305 9
- Command-Line Demos 327 10
- Glossary 339 10
- Index 349 10
- List of Figures 11
- List of Tables 13
- What’s New in Version 5.2.2? 16
- Organization of This Manual 17
- Terms and Abbreviations 19
- Related Documents 20
- How to Contact RSA Security 22
- Introduction 23
- The Crypto-C Toolkit 24
- Hardware Support 25
- PKCS Standards and Crypto-C 26
- NIST Standards and Crypto-C 26
- PKCS Compared with NIST 27
- Quick Start 29
- The Six-Step Sequence 30
- Introductory Example 31
- Chapter 2 Quick Start 11 33
- Chapter 2 Quick Start 13 35
- Chapter 2 Quick Start 15 37
- Chapter 2 Quick Start 17 39
- Chapter 2 Quick Start 21 43
- Putting It All Together 44
- Chapter 2 Quick Start 25 47
- Multiple Updates 51
- Chapter 2 Quick Start 31 53
- Summary of the Six Steps 54
- Cryptography 57
- Cryptography Overview 58
- Ciphers in Crypto-C 59
- Triple DES 60
- • word size 61
- • rounds 61
- • key size (in bytes) 61
- Modes of Operation 63
- Cipher Feedback (CFB) Mode 65
- Output Feedback (OFB) Mode 67
- Public-Key Cryptography 72
- Modular Math 74
- Prime Numbers 74
- MultiPrime Numbers 74
- Security 76
- Digital Envelopes 77
- Figure 3-10 Digital Envelope 78
- Chapter 3 Cryptography 57 79
- • A message 80
- Chapter 3 Cryptography 59 81
- Digital Certificates 83
- The Algorithm 84
- Parameter Generation 85
- Elliptic Curve Cryptography 87
- Elliptic Curve Parameters 88
- Odd Prime Fields 89
- Fields of Even Characteristic 89
- The Point P and its Order 91
- The Order of a Point 92
- A Point of Prime Order 92
- The Cofactor 93
- ECDSA Signature Scheme 95
- Verifying a Signature 96
- 98
- 98
- The Math 101
- Secret Sharing 102
- Working with Keys 103
- Key Management 104
- Key Escrow 104
- Applications of Cryptography 105
- Point-to-Point Applications 106
- Client/Server Applications 107
- Peer-to-Peer Applications 108
- Choosing Algorithms 109
- Secret Sharing and Key Escrow 111
- Elliptic Curve Algorithms 111
- Interoperability 112
- Security Considerations 113
- Temporary Buffers 114
- Choosing Passwords 115
- DES Weak Keys 116
- Stream Ciphers 117
- Timing Attacks and Blinding 117
- · s mod n 118
- Choosing Key Sizes 119
- RSA Keys 120
- RC2 Effective Key Bits 121
- RC4 Key Bits 121
- RC5 Key Bits and Rounds 121
- Triple DES Keys 121
- Elliptic Curve Keys 122
- Using Crypto-C 123
- Basic Algorithm Info Types 124
- Summary of AIs 125
- Table 4-3 ASCII Encoding 126
- Algorithms in Crypto-C 127
- Symmetric Block Ciphers 127
- Symmetric Stream Ciphers 127
- RSA Public-Key Cryptography 129
- DSA Public-Key Cryptography 131
- Diffie-Hellman Key Agreement 132
- Bloom-Shamir Secret Sharing 133
- Hardware Interface 133
- Keys In Crypto-C 135
- RSA Public and Private Keys 136
- DSA Public and Private Keys 136
- Block Cipher Keys 136
- Token Keys 137
- Algorithm Choosers 138
- An RSA Algorithm Chooser 139
- The Surrender Context 140
- A Sample Surrender Function 141
- Saving State 142
- When to Allocate Memory 143
- Memory-Management Routines 144
- BER/DER Encoding 145
- Chapter 4 Using Crypto-C 125 147
- Input and Output 148
- The RSA Algorithm 149
- General Considerations 150
- Key Size 151
- Private Key Size 152
- • Total: 484 bytes 153
- Using Cryptographic Hardware 154
- B_CreateSessionchooser is 155
- PKCS #11 Support 156
- Chapter 4 Using Crypto-C 135 157
- Chapter 4 Using Crypto-C 137 159
- Chapter 4 Using Crypto-C 139 161
- Chapter 4 Using Crypto-C 141 163
- Advanced PKCS #11 169
- Hardware Issues 170
- Chapter 4 Using Crypto-C 149 171
- Non-Cryptographic Operations 173
- Message Digests 174
- Step 3: Init 175
- Step 4: Update 175
- Step 5: Final 176
- BER-Encoding the Digest 177
- Saved State 178
- B_SetAlgorithmInfo call 180
- Code (HMAC) 183
- Step 6: Destroy 186
- Generating Random Numbers 187
- Step 5: Generate 191
- Step 1: Create 192
- Step 2: Set 192
- Steps 4, 5, 6 193
- Encoding Binary Data To ASCII 194
- Decoding ASCII-Encoded Data 196
- Symmetric-Key Operations 199
- Block Ciphers 200
- Cipher KIs 203
- Decrypting 205
- The RC2 Cipher 206
- The RC5 Cipher 212
- The RC6 Cipher 218
- The AES Cipher 223
- Step 3b: Setting the Key Data 225
- Password-Based Encryption 228
- Public-Key Operations 235
- Performing RSA Operations 236
- MultiPrime 240
- How Many Primes? 241
- Structure 244
- Crypto-C Format 246
- RSA Public-Key Encryption 248
- RSA Private-Key Decryption 251
- RSA Digital Signatures 255
- Verifying a Digital Signature 258
- Performing DSA Operations 261
- Generating a DSA Key Pair 264
- DSA Signatures 265
- Computing a Digital Signature 266
- BER Format 276
- Step 4: Phase 1 279
- Step 5: Phase 2 280
- Saving the Object State 281
- The following procedure 288
- Step 3: Initialize 292
- Step 5: Phase 2 306
- Generating EC Parameters 307
- Generating an EC Key Pair 307
- Step 3: Init 312
- Using ECAES 319
- Using an EC Key Pair 320
- ECAES Public-Key Encryption 320
- ECAES Private-Key Decryption 324
- Step 4: Update 324
- Secret Sharing Operations 327
- Reconstructing the Secret 331
- Putting It All Together: 335
- An X9.31 Example 335
- The X9.31 Sample Program 336
- Generating Random Bytes 337
- Providing the Seed 339
- Generating a Key Pair 340
- Verifying the Signature 345
- Surrendering Control 347
- Printing the Buffer Contents 348
- Command-Line Demos 349
- Starting BDEMO 350
- Specifying User Keys 351
- Using BDEMO 351
- Create a File Envelope 352
- Verify a Signed File 352
- Open a File Envelope 352
- Generate a Key Pair 353
- BDEMODSA 354
- Sign a File 355
- Running BDEMOEC 356
- Using BDEMOEC 356
- File Reference 357
- Glossary 361
© 2020, manymanuals.cz. Všechna práva vyhrazena. | 0.060 s |
Manymanuals.com
Manymanuals.de
Manymanuals.fr
Manymanuals.it
Manymanuals.pl
Manymanuals.cz
Manymanuals.es
Manymanuals-pt.com
Komentáře k této Příručce