RSA BSAFE® Crypto-C
Cryptographic Components for C
Developer's Guide
Version 5.2.2
RSA Security Inc.
20 Crosby Drive
Bedford, MA 01730 USA
Tel (US) 1 877 RSA 4900, +1 781 301 5000
Fax +1 781 301 5170
www.rsasecurity.com

RSA Security Ireland Limited
Bay 127, Shannon Free Zone
Shannon, County Clare, Ireland
Tel +353 61 72 5100
Fax +353 61 72 5110
www.rsasecurity.ie

See our Web Site for regional Customer Service telephone and fax numbers.

Trademarks
ACE/Server, BSAFE, Genuine RSA Encryption Engine, Keon, RC2, RC4, RC5, RSA, RSA SecurPC, SecurCare, SecurID, SoftID, and WebID are
Contents

Preface  xv
  What's New in Version 5.2.2?  xvi
    Improved performance  xvi
    Hardware support  xvi
    MultiPrime RSA
  Cryptographic Standards and Crypto-C  4
    PKCS Standards and Crypto-C  4
    NIST Standards and Crypto-C  4
    PKCS Compared with NIST  5
    ANSI X9 Standards and
    Optimal Asymmetric Encryption Padding (OAEP)  55
  Authentication and Digital Signatures  57
    Digital Signature Algorithm (DSA)  60
    Digital Certificates  61
  Diffie-Hellman Public Key Agreement
    Elliptic Curve Algorithms  89
    Interoperability  90
    Elliptic Curve Standards  91
  Security Considerations  91
    Handling
  Memory-Management Routines  122
    Memory-Management Routines and Standard C Libraries  122
    Memory Allocation  123
    Binary Data  123
  BER/DER Encoding
Chapter 6  Symmetric-Key Operations  177
  Block Ciphers  178
    DES with CBC  178
      Decrypting  183
    The RC2 Cipher
  Performing Diffie-Hellman Key Agreement  249
    Generating Diffie-Hellman Parameters  249
    Distributing Diffie-Hellman Parameters  253
      Crypto-C Format  253
      BER Format
Appendix A  Command-Line Demos  327
  Overview of the Demos  327
  Command-Line Demo User's Guide  328
    BDEMO  328
      Starting BDEMO
List of Figures

Figure 3-1  Symmetric-Key Encryption and Decryption  36
Figure 3-2  Triple DES Encryption as Implemented in Crypto-C  38
Figure 3-3  Electronic Codebook (ECB) Mode  42
Figure 3-4  Cipher-Block Chaining (CBC) Mode  43
Figure 3-5  Cipher Feedback (CFB) Mode
xii  RSA BSAFE Crypto-C Developer's Guide
List of Tables

Table 3-1  Calculation of 8^27 mod 55  54
Table 3-2  Elliptic Curve Parameters  71
Table 3-3  DES Weak and Semi-Weak Keys  94
Table 3-4  Summary of Recommended Key Sizes  98
Table 4-1  Message Digests
Preface

Dear Crypto-C Developer:

Congratulations on your purchase of RSA BSAFE® Crypto-C (Crypto-C), the state-of-the-art in cryptographic software toolkits. Crypto-C provides developers with the most important privacy, authentication, and data integrity routines. Crypto-C contains a full palette of popular cryptographic algorithms. This software development kit enables you to develop applications for a wide range of purposes, including electronic commerce, home banking, Webcasting, and e
What's New in Version 5.2.2?

Following is a list of RSA BSAFE Crypto-C features that are new in version 5.2.2:

Improved performance
With the new performance improvements, you'll be able to use RSA BSAFE Crypto-C's algorithms at unprecedented levels of speed and throughput across a wide range of hardware platforms. RSA BSAFE Crypto-C's support for the Intel Itanium™ and Pentium™ 4 processors will allow developers to take advantage of the benefits of these p
V5.2. Use this AI to save the internal state of an RC4 encryption or decryption object, or to create a new object from the saved state of a previous RC4 object.

Advanced Encryption Standard (AES)
Crypto-C includes basic AES support for the cutting edge in processor technology: Intel Itanium and Pentium 4.

Organization of This Manual

This manual is organized as follows:

Chapter 1, "Introduction," introduces the Crypto-C toolkit. It lists the algorithms, cryptograp
Conventions Used in This Manual

The following typographical conventions are used in this manual.

Italic is used for:
  - new terms where they are introduced
  - the names of manuals and books

Lucida Typewriter Sans is used for:
  - anything that appears literally in a C program, such as the names of structures and functions supplied by Crypto-C: for example, B_DecodeInit

Lucida Typewriter Sans Italic is used for:
  - function parameters and placeholders that indicate tha
Terms and Abbreviations

The following table lists terms and abbreviations used in this document. Refer to the Glossary for a list of security and cryptographic terms and abbreviations, along with their definitions, that are used throughout the RSA BSAFE Crypto-C documentation set.

Term or Abbreviation    Definition
Crypto-C                RSA BSAFE Crypto-C: Cryptographic software development kit developers use to develop secure applications.
.doc (file)             Word for Windows, version 6.x
Related Documents

Following is a list of documents referenced in this book and suggested material for further reading.

1. The Public-Key Cryptography Standards (PKCS), RSA Laboratories. (http://www.rsasecurity.com/rsalabs/PKCS/)
2. Frequently Asked Questions (FAQ) About Today's Cryptography, RSA Laboratories. (http://www.rsasecurity.com/rsalabs/faq/)
3. The following Internet Standard documents: RFCs 1421, 1422, 1423, 1424 on Privacy Enhancement for Internet Electronic Ma