RSA Security Projection Television 5.2.2 Manual de usuario Pagina 163
- Pagina / 376
- Tabla de contenidos
- MARCADORES
Valorado. / 5. Basado en revisión del cliente
Chapter 4 Using Crypto-C 141
Using Cryptographic Hardware
info types if it is a key that resides on the token and is not private.
Now you can send the public key to whomever you want. You can also save the
private key token info. If you give that token info (which consists of a manufacturer's
ID and a key handle) to Crypto-C again, you can use the key on the token.
Incidentally, the key handle is the internalKey field of the
KI_TOKEN_INFO and for the
PKCS #11 interface, Crypto-C uses the key class, key type and digest of the modulus
as the handle. Crypto-C sets the
CKA_ID attribute of the token key with the digest of
the modulus. See the "Advanced PKCS 11” section for more information.
Now that we have a key pair, we can sign.
KI_TOKEN_INFO *priKeyToken = (KI_TOKEN_INFO *)NULL_PTR;
ITEM *pubKeyInfo = (ITEM *)NULL_PTR;
if ((status = B_GetKeyInfo
((POINTER *)&priKeyToken, priKey, KI_Token)) != 0)
break;
if ((status = B_GetKeyInfo
((POINTER *)&pubKeyInfo, pubKey,
KI_RSAPublicBER)) != 0)
break;
if ((status = B_CreateAlgorithmObject (&signer)) != 0)
break;
if ((status = B_SetAlgorithmInfo
(signer, AI_MD5WithRSAEncryption, NULL_PTR)) != 0)
break;
if ((status = B_SignInit
(signer, priKey, hwChooserSign, NULL_SURR)) != 0)
break;
if ((status = B_SignUpdate
(signer, dataToSign, dataToSignLen, NULL_SURR)) != 0)
break;
if ((status = B_SignFinal
(signer, signature, &sigLen, sizeof (signature),
NULL_RAND, NULL_SURR)) != 0)
break;
- Crypto-C 1
- First printing: May 2001 2
- Contents 3
- Quick Start 7 4
- Cryptography 35 4
- Using Crypto-C 101 6
- Symmetric-Key Operations 177 8
- Public-Key Operations 213 8
- Secret Sharing Operations 305 9
- Command-Line Demos 327 10
- Glossary 339 10
- Index 349 10
- List of Figures 11
- List of Tables 13
- What’s New in Version 5.2.2? 16
- Organization of This Manual 17
- Terms and Abbreviations 19
- Related Documents 20
- How to Contact RSA Security 22
- Introduction 23
- The Crypto-C Toolkit 24
- Hardware Support 25
- PKCS Standards and Crypto-C 26
- NIST Standards and Crypto-C 26
- PKCS Compared with NIST 27
- Quick Start 29
- The Six-Step Sequence 30
- Introductory Example 31
- Chapter 2 Quick Start 11 33
- Chapter 2 Quick Start 13 35
- Chapter 2 Quick Start 15 37
- Chapter 2 Quick Start 17 39
- Chapter 2 Quick Start 21 43
- Putting It All Together 44
- Chapter 2 Quick Start 25 47
- Multiple Updates 51
- Chapter 2 Quick Start 31 53
- Summary of the Six Steps 54
- Cryptography 57
- Cryptography Overview 58
- Ciphers in Crypto-C 59
- Triple DES 60
- • word size 61
- • rounds 61
- • key size (in bytes) 61
- Modes of Operation 63
- Cipher Feedback (CFB) Mode 65
- Output Feedback (OFB) Mode 67
- Public-Key Cryptography 72
- Modular Math 74
- Prime Numbers 74
- MultiPrime Numbers 74
- Security 76
- Digital Envelopes 77
- Figure 3-10 Digital Envelope 78
- Chapter 3 Cryptography 57 79
- • A message 80
- Chapter 3 Cryptography 59 81
- Digital Certificates 83
- The Algorithm 84
- Parameter Generation 85
- Elliptic Curve Cryptography 87
- Elliptic Curve Parameters 88
- Odd Prime Fields 89
- Fields of Even Characteristic 89
- The Point P and its Order 91
- The Order of a Point 92
- A Point of Prime Order 92
- The Cofactor 93
- ECDSA Signature Scheme 95
- Verifying a Signature 96
- 98
- 98
- The Math 101
- Secret Sharing 102
- Working with Keys 103
- Key Management 104
- Key Escrow 104
- Applications of Cryptography 105
- Point-to-Point Applications 106
- Client/Server Applications 107
- Peer-to-Peer Applications 108
- Choosing Algorithms 109
- Secret Sharing and Key Escrow 111
- Elliptic Curve Algorithms 111
- Interoperability 112
- Security Considerations 113
- Temporary Buffers 114
- Choosing Passwords 115
- DES Weak Keys 116
- Stream Ciphers 117
- Timing Attacks and Blinding 117
- · s mod n 118
- Choosing Key Sizes 119
- RSA Keys 120
- RC2 Effective Key Bits 121
- RC4 Key Bits 121
- RC5 Key Bits and Rounds 121
- Triple DES Keys 121
- Elliptic Curve Keys 122
- Using Crypto-C 123
- Basic Algorithm Info Types 124
- Summary of AIs 125
- Table 4-3 ASCII Encoding 126
- Algorithms in Crypto-C 127
- Symmetric Block Ciphers 127
- Symmetric Stream Ciphers 127
- RSA Public-Key Cryptography 129
- DSA Public-Key Cryptography 131
- Diffie-Hellman Key Agreement 132
- Bloom-Shamir Secret Sharing 133
- Hardware Interface 133
- Keys In Crypto-C 135
- RSA Public and Private Keys 136
- DSA Public and Private Keys 136
- Block Cipher Keys 136
- Token Keys 137
- Algorithm Choosers 138
- An RSA Algorithm Chooser 139
- The Surrender Context 140
- A Sample Surrender Function 141
- Saving State 142
- When to Allocate Memory 143
- Memory-Management Routines 144
- BER/DER Encoding 145
- Chapter 4 Using Crypto-C 125 147
- Input and Output 148
- The RSA Algorithm 149
- General Considerations 150
- Key Size 151
- Private Key Size 152
- • Total: 484 bytes 153
- Using Cryptographic Hardware 154
- B_CreateSessionchooser is 155
- PKCS #11 Support 156
- Chapter 4 Using Crypto-C 135 157
- Chapter 4 Using Crypto-C 137 159
- Chapter 4 Using Crypto-C 139 161
- Chapter 4 Using Crypto-C 141 163
- Advanced PKCS #11 169
- Hardware Issues 170
- Chapter 4 Using Crypto-C 149 171
- Non-Cryptographic Operations 173
- Message Digests 174
- Step 3: Init 175
- Step 4: Update 175
- Step 5: Final 176
- BER-Encoding the Digest 177
- Saved State 178
- B_SetAlgorithmInfo call 180
- Code (HMAC) 183
- Step 6: Destroy 186
- Generating Random Numbers 187
- Step 5: Generate 191
- Step 1: Create 192
- Step 2: Set 192
- Steps 4, 5, 6 193
- Encoding Binary Data To ASCII 194
- Decoding ASCII-Encoded Data 196
- Symmetric-Key Operations 199
- Block Ciphers 200
- Cipher KIs 203
- Decrypting 205
- The RC2 Cipher 206
- The RC5 Cipher 212
- The RC6 Cipher 218
- The AES Cipher 223
- Step 3b: Setting the Key Data 225
- Password-Based Encryption 228
- Public-Key Operations 235
- Performing RSA Operations 236
- MultiPrime 240
- How Many Primes? 241
- Structure 244
- Crypto-C Format 246
- RSA Public-Key Encryption 248
- RSA Private-Key Decryption 251
- RSA Digital Signatures 255
- Verifying a Digital Signature 258
- Performing DSA Operations 261
- Generating a DSA Key Pair 264
- DSA Signatures 265
- Computing a Digital Signature 266
- BER Format 276
- Step 4: Phase 1 279
- Step 5: Phase 2 280
- Saving the Object State 281
- The following procedure 288
- Step 3: Initialize 292
- Step 5: Phase 2 306
- Generating EC Parameters 307
- Generating an EC Key Pair 307
- Step 3: Init 312
- Using ECAES 319
- Using an EC Key Pair 320
- ECAES Public-Key Encryption 320
- ECAES Private-Key Decryption 324
- Step 4: Update 324
- Secret Sharing Operations 327
- Reconstructing the Secret 331
- Putting It All Together: 335
- An X9.31 Example 335
- The X9.31 Sample Program 336
- Generating Random Bytes 337
- Providing the Seed 339
- Generating a Key Pair 340
- Verifying the Signature 345
- Surrendering Control 347
- Printing the Buffer Contents 348
- Command-Line Demos 349
- Starting BDEMO 350
- Specifying User Keys 351
- Using BDEMO 351
- Create a File Envelope 352
- Verify a Signed File 352
- Open a File Envelope 352
- Generate a Key Pair 353
- BDEMODSA 354
- Sign a File 355
- Running BDEMOEC 356
- Using BDEMOEC 356
- File Reference 357
- Glossary 361
© 2020, manymanuals.es. Todos los derechos reservados | 0.054 s |
Manymanuals.com
Manymanuals.de
Manymanuals.fr
Manymanuals.it
Manymanuals.pl
Manymanuals.cz
Manymanuals.es
Manymanuals-pt.com
Comentarios a estos manuales