RDEMO:
		   Demonstration program for RSAREF
			    User's manual

			   RSA Laboratories
			    March 2, 1992

    Copyright (C) 1991-2 RSA Laboratories, a division of RSA Data
			    Security, Inc.


This note describes RDEMO, a demonstration program included with the
RSAREF cryptographic toolkit.

RDEMO is a simple program that exercises RSAREF's cryptographic
operations. With RDEMO three "users" can perform the cryptographic
operations of signing, sealing, verifying, and opening files, as well
as generating key pairs.

RDEMO has a main menu with six commands. The main menu is displayed
when you start up RDEMO, and is displayed again after RDEMO performs
a command. After you select a command RDEMO prompts for parameters
such as file names.

RDEMO's commands and their parameters are summarized in the following
table.


RDEMO COMMAND                   PARAMETERS

S - Sign a file                 name of file
  sign contents with private    whether you want content encoded
    key                         which user you want to sign as
  optionally encode contents    name of file in which to save
    in PEM character set(*)       signature
                                name of file in which to save encoded
                                  content(**)

E - sEal a file                 name of file
  sign contents with private    which user you want to sign as
    key                         which user you want to seal for
  generate random DES key       names of four files in which to save
    IV(***)                       encrypted signature, encrypted key,
  encrypt content, signature      IV and encrypted content
    with DES key

V - Verify a signed file        whether content is encoded
  decode contents if encoded    names of two files in which (possibly
    in PEM character set          encoded) content and signature are
  verify signature on             saved
    contents with public key    which user signed the file
                                name of file in which to save
                                  recovered content(**)

O - Open a sealed file          names of four files in which encrypted
  decrypt encrypted DES key       content, encrypted signature,
    with private key,             encrypted key and IV are saved
  decrypt encrypted content     which user signed the file
    signature with DES key      which user the file was sealed for
  verify signature on           name of file in which to save
    contents with public key      recovered content

G - Generate a keypair          length of key in bits (508-1024)
  generate RSA public/          name of file in which to save key pair
    private key pair

Q - Quit


(*) A 65-character subset of ASCII defined in RFC 1113. Most other
    quantities are encoded in this set automatically.
(**) Only if content is encoded.
(***) Initialization vector for cipher-block chaining mode of DES.


NOTES

  1. You select a user by number: '1', '2', or '3'. The first two
     users have built-in RSA key pairs. The third user's key pair is
     the one generated by RDEMO's 'Generate a key pair' command. The
     third user is not active until the key pair is generated.

  2. How you specify file names to RDEMO depends on your operating
     system. RDEMO recognizes the special file name '-' as the
     standard output stream (typically the screen display). You can
     usually cancel an RDEMO command by giving a blank line in
     response to a prompt for a parameter.

  3. RDEMO reads most files and writes all files in binary mode. The
     only exceptions are the files containing contents to be signed
     or sealed. Those files are read in text mode, one line at a
     time, with RDEMO replacing any <CR> and <LF> delimiters with a
     <CR><LF> pair before encrypting, computing a message digest, or
     encoding in printable ASCII. The <CR><LF> processing compensates
     for differences in line delimiters in different operating
     systems. RDEMO has a maximum file size of 1000 bytes.

  4. RDEMO defaults to the MD5 message-digest algorithm for all
     signatures. If you want the MD2 message-digest algorithm, put
     the string '-2' on the command line when you start RDEMO.

  5. If you want RDEMO not to display the main menu or any prompts,
     put the string '-s' on the command line when you start RDEMO.
     This is useful when RDEMO's input stream comes from a script
     file.

  6. RDEMO seeds RSAREF's random number generator with a fixed value.
     As a result, RDEMO sessions with the same commands and
     parameters produce the same results. The use of a fixed seed
     value is not recommended for non-demonstration applications.
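
The line-delimiter handling described in note 3, as an added C example that is not RDEMO's or RSAREF's own code: it rewrites every delimiter as <CR><LF> so that the same text saved on different operating systems yields identical bytes before digesting. The function names, the treatment of a final line without a delimiter, and the use of the 1000-byte limit as the output buffer size are assumptions of this example.

```c
#include <stdio.h>
#include <string.h>

#define MAX_CONTENT 1000 /* RDEMO's documented limit, used here as buffer size */

/* Rewrite each line delimiter (lone CR, lone LF, or CR LF) as CR LF.
 * Returns the canonical length, or -1 if it would not fit in out_cap.
 * Assumptions of this example: CR directly followed by LF is one delimiter,
 * and a final line with no delimiter is copied without adding one. */
long canonicalize_crlf(const unsigned char *in, size_t in_len,
                       unsigned char *out, size_t out_cap)
{
    size_t i = 0, o = 0;
    while (i < in_len) {
        unsigned char c = in[i++];
        if (c == '\r' || c == '\n') {
            if (c == '\r' && i < in_len && in[i] == '\n')
                i++;                 /* consume the LF of a CR LF pair */
            if (out_cap - o < 2)
                return -1;           /* no room for the CR LF pair */
            out[o++] = '\r';
            out[o++] = '\n';
        } else {
            if (o >= out_cap)
                return -1;
            out[o++] = c;
        }
    }
    return (long)o;
}

/* 1 if both inputs have the same canonical bytes (so a digest over the
 * canonical form would match), 0 if they differ or either overflows. */
int same_canonical_form(const char *a, const char *b)
{
    unsigned char ca[MAX_CONTENT], cb[MAX_CONTENT];
    long la = canonicalize_crlf((const unsigned char *)a, strlen(a), ca, sizeof ca);
    long lb = canonicalize_crlf((const unsigned char *)b, strlen(b), cb, sizeof cb);
    return la >= 0 && la == lb && memcmp(ca, cb, (size_t)la) == 0;
}

int main(void)
{
    /* Constructed sample: one message saved with Unix, DOS and classic Mac endings. */
    printf("LF vs CRLF: %d\n", same_canonical_form("pay 10\nto bob\n", "pay 10\r\nto bob\r\n"));
    printf("LF vs CR:   %d\n", same_canonical_form("pay 10\nto bob\n", "pay 10\rto bob\r"));
    return 0;
}
```

A verifier that digests the raw file bytes instead of this canonical form would reject a valid signature whenever the file crossed platforms with different line endings.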