Summary of the content on page 1
RSA BSAFE®
Crypto-C
Cryptographic Components for C
Developer’s Guide
Version 5.2.2
Summary of the content on page 2
RSA Security Inc.
20 Crosby Drive
Bedford, MA 01730 USA
Tel (US) 1 877 RSA 4900, +1 781 301 5000
Fax +1 781 301 5170
www.rsasecurity.com

RSA Security Ireland Limited
Bay 127, Shannon Free Zone
Shannon, County Clare, Ireland
Tel +353 61 72 5100
Fax +353 61 72 5110
www.rsasecurity.ie

See our Web Site for regional Customer Service telephone and fax numbers.

Trademarks
ACE/Server, BSAFE, Genuine RSA Encryption Engine, Keon, RC2, RC4, RC5, RSA, RSA SecurPC, SecurCare, SecurID, SoftID, and WebID are
Summary of the content on page 3
Contents
Preface
What’s New in Version 5.2.2?
Improved performance
Hardware support
MultiPrime RSA
Summary of the content on page 4
Cryptographic Standards and Crypto-C
PKCS Standards and Crypto-C
NIST Standards and Crypto-C
PKCS Compared with NIST
ANSI X9 Standards and
Summary of the content on page 5
Optimal Asymmetric Encryption Padding (OAEP)
Authentication and Digital Signatures
Digital Signature Algorithm (DSA)
Digital Certificates
Diffie-Hellman Public Key Agreement
Summary of the content on page 6
Elliptic Curve Algorithms
Interoperability
Elliptic Curve Standards
Security Considerations
Handling
Summary of the content on page 7
Memory-Management Routines
Memory-Management Routines and Standard C Libraries
Memory Allocation
Binary Data
BER/DER Encoding
Summary of the content on page 8
Chapter 6 Symmetric-Key Operations
Block Ciphers
DES with CBC
Decrypting
The RC2 Cipher
Summary of the content on page 9
Performing Diffie-Hellman Key Agreement
Generating Diffie-Hellman Parameters
Distributing Diffie-Hellman Parameters
Crypto-C Format
BER Format
Summary of the content on page 10
Appendix A Command-Line Demos
Overview of the Demos
Command-Line Demo User’s Guide
BDEMO
Starting BDEMO
Summary of the content on page 11
List of Figures
Figure 3-1 Symmetric-Key Encryption and Decryption
Figure 3-2 Triple DES Encryption as Implemented in Crypto-C
Figure 3-3 Electronic Codebook (ECB) Mode
Figure 3-4 Cipher-Block Chaining (CBC) Mode
Figure 3-5 Cipher Feedback (CFB) Mode
Summary of the content on page 12
xii RSA BSAFE Crypto-C Developer’s Guide
Summary of the content on page 13
List of Tables
Table 3-1 Calculation of 8^27 mod 55
Table 3-2 Elliptic Curve Parameters
Table 3-3 DES Weak and Semi-Weak Keys
Table 3-4 Summary of Recommended Key Sizes
Table 4-1 Message Digests
Summary of the content on page 15
Preface

Dear Crypto-C Developer:

Congratulations on your purchase of RSA BSAFE® Crypto-C (Crypto-C), the state-of-the-art in cryptographic software toolkits. Crypto-C provides developers with the most important privacy, authentication, and data integrity routines. Crypto-C contains a full palette of popular cryptographic algorithms. This software development kit enables you to develop applications for a wide range of purposes, including electronic commerce, home banking, Webcasting, and e
Summary of the content on page 16
What’s New in Version 5.2.2?

Following is a list of RSA BSAFE Crypto-C features that are new in version 5.2.2:

Improved performance
With the new performance improvements, you’ll be able to use RSA BSAFE Crypto-C’s algorithms at unprecedented levels of speed and throughput across a wide range of hardware platforms. RSA BSAFE Crypto-C’s support for the Intel Itanium™ and Pentium™ 4 processors will allow developers the ability to take advantage of benefits of these p
Summary of the content on page 17
V5.2. Use this AI to save the internal state of an RC4 encryption or decryption object, or to create a new object from the saved state of a previous RC4 object.

Advanced Encryption Standard (AES)
Crypto-C includes basic AES support for the cutting edge in processor technology: Intel Itanium and Pentium 4.

Organization of This Manual

This manual is organized as follows:

Chapter 1, “Introduction,” introduces the Crypto-C toolkit. It lists the algorithms, cryptograp
Summary of the content on page 18
Conventions Used in This Manual

The following typographical conventions are used in this manual.

Italic is used for:
  new terms where they are introduced
  the names of manuals and books

Lucida Typewriter Sans is used for:
  anything that appears literally in a C program, such as the names of structures and functions supplied by Crypto-C: for example, B_DecodeInit

Lucida Typewriter Sans Italic is used for:
  function parameters and placeholders that indicate tha
Summary of the content on page 19
Terms and Abbreviations

The following table lists terms and abbreviations used in this document. Refer to the Glossary for a list of security and cryptographic terms and abbreviations, along with their definitions, that are used throughout the RSA BSAFE Crypto-C documentation set.

Term or Abbreviation | Definition
Crypto-C | RSA BSAFE Crypto-C: Cryptographic software development kit developers use to develop secure applications.
.doc (file) | Word for Windows, version 6.x
Summary of the content on page 20
Related Documents

Following is a list of documents referenced in this book and suggested material for further reading.

1. The Public-Key Cryptography Standards (PKCS), RSA Laboratories. (http://www.rsasecurity.com/rsalabs/PKCS/)
2. Frequently Asked Questions (FAQ) About Today’s Cryptography, RSA Laboratories. (http://www.rsasecurity.com/rsalabs/faq/)
3. The following Internet Standard documents: RFCs 1421, 1422, 1423, 1424 on Privacy Enhancement for Internet Electronic Ma