Reference Guide
Chapter 1: Changes Between MES 4.0.1 and 4.1.n.n
RSA BSAFE Micro Edition Suite 4.4 Migration Guide
Cryptographic API Changes
Default PRNG
MES 4.1 adds the CTR DRBG as a self-seeding PRNG to the existing HMAC DRBG
implementations. The HMAC DRBG implementations are extended to include
HMAC SHA512/224 and HMAC 512/256 DRBGs. The PRNG created using the
identifier R_CR_ID_RANDOM_DEFAULT chooses the CTR DRBG in preference to all
HMAC DRBGs when the default resources are used by an application.
Elliptic Curve Private Asymmetric Key Write Format
MES 4.1 introduced new write formats for elliptic curve (EC) private asymmetric
objects for the following functions:
• R_PKEY_to_binary()
• R_PKEY_to_bio()
• R_PKEY_to_file()
R_PKEY_to_binary() now writes in the format described in RFC 5915. To write
EC private key objects in the pre-4.1 legacy format, set the format by calling
R_PKEY_set_info() with R_PKEY_INFO_ID_DEFAULT_ENCODING and
R_PKEY_FORMAT_PKCS8 before calling R_PKEY_to_binary().
R_PKEY_to_bio() and R_PKEY_to_file() now write EC private asymmetric key
objects, to a BIO or file, in a specified format. Choosing the
R_PKEY_FORMAT_BINARY format writes in the format described in RFC 5915, while
choosing the R_PKEY_FORMAT_PKCS8 format writes objects in the legacy format.
For more information about these functions and identifiers, see API Reference
Information in the RSA BSAFE Micro Edition Suite Developers Guide.
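Code that reads stored EC private keys after the upgrade may meet both encodings. The following is an added example, not code from this guide or from the MES API: it classifies a DER buffer as RFC 5915 ECPrivateKey or PKCS #8 PrivateKeyInfo from its leading fields. It assumes the legacy R_PKEY_FORMAT_PKCS8 output is DER-encoded PrivateKeyInfo; ec_key_format(), der_header() and the sample buffers are hypothetical names and constructed data.

```c
#include <stddef.h>

enum ec_key_fmt { EC_FMT_UNKNOWN, EC_FMT_RFC5915, EC_FMT_PKCS8 };

/* Read one DER tag/length header; on success advance *p to the content. */
static int der_header(const unsigned char **p, const unsigned char *end,
                      unsigned char *tag, size_t *len)
{
    const unsigned char *q = *p;
    size_t n, l = 0;
    if (end - q < 2) return -1;
    *tag = *q++;
    if (*q < 0x80) {
        l = *q++;                               /* short-form length */
    } else {
        n = *q++ & 0x7f;                        /* long form: n length bytes */
        if (n == 0 || n > sizeof l || (size_t)(end - q) < n) return -1;
        while (n--) l = (l << 8) | *q++;
    }
    if ((size_t)(end - q) < l) return -1;       /* content must fit the buffer */
    *p = q;
    *len = l;
    return 0;
}

/* Classify a DER EC private key (hypothetical helper; assumes legacy = PKCS #8 DER). */
enum ec_key_fmt ec_key_format(const unsigned char *der, size_t der_len)
{
    const unsigned char *p = der, *end = der + der_len;
    unsigned char tag, version;
    size_t len;

    if (der_header(&p, end, &tag, &len) || tag != 0x30) return EC_FMT_UNKNOWN;
    end = p + len;                              /* stay inside the outer SEQUENCE */
    if (der_header(&p, end, &tag, &len) || tag != 0x02 || len != 1)
        return EC_FMT_UNKNOWN;
    version = *p++;
    if (der_header(&p, end, &tag, &len)) return EC_FMT_UNKNOWN;
    if (version == 1 && tag == 0x04) return EC_FMT_RFC5915; /* privateKey OCTET STRING */
    if (version == 0 && tag == 0x30) return EC_FMT_PKCS8;   /* AlgorithmIdentifier */
    return EC_FMT_UNKNOWN;
}

/* Constructed samples (1-byte dummy scalar, not real keys). */
const unsigned char sample_rfc5915[] = { 0x30,0x06, 0x02,0x01,0x01, 0x04,0x01,0x2A };
const unsigned char sample_pkcs8[] = { 0x30,0x22, 0x02,0x01,0x00,
    0x30,0x13, 0x06,0x07,0x2A,0x86,0x48,0xCE,0x3D,0x02,0x01,
               0x06,0x08,0x2A,0x86,0x48,0xCE,0x3D,0x03,0x01,0x07,
    0x04,0x08, 0x30,0x06,0x02,0x01,0x01,0x04,0x01,0x2A };
```

In the PKCS #8 sample the privateKey OCTET STRING carries an RFC 5915 ECPrivateKey, so a reader that accepts only one layout fails on the other rather than silently misreading the scalar.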