RDEMO: Demonstration Program for RSAREF(TM)
User's Manual

RSA Laboratories
March 21, 1994

Version 2.0

Copyright (C) 1991-4 RSA Laboratories, a division of RSA Data Security, Inc.

This note describes RDEMO, a program that demonstrates features of the RSAREF cryptographic toolkit.

RDEMO is a simple program that exercises RSAREF's cryptographic operations. With RDEMO, you can perform the cryptographic operations of signing, sealing, verifying, and opening files, as well as generating key pairs. There can be up to three different key pairs, so you can simulate a multi-user environment.

RDEMO has a main menu with six commands. The main menu is displayed when you start up RDEMO, and is displayed again after RDEMO performs a command. After you select a command, RDEMO prompts for parameters such as file names.

RDEMO's commands and their parameters are summarized in the following table. Note that these commands have the same names as those in version 1.0, but different parameters and functions. There is no maximum file size in the new program. The old program has been renamed to OLDRDEMO.

RDEMO COMMAND               PARAMETERS                          FUNCTION

S - Sign a file             name of file                        digest content
                            which private key to sign with      encrypt digest with
                            message-digest algorithm              private key
                            name of file in which to save
                              signature

V - Verify a signed file    name of file                        digest content
                            which public key to verify with     decrypt signature with
                            message-digest algorithm              public key
                            name of file in which signature     compare result to digest
                              is saved

E - sEal a file             name of file                        generate random data
                            name of file in which to save         encryption key, IV(*)
                              encrypted content                 encrypt key with public
                            which public key to seal with         key
                            data encryption algorithm           encrypt content with key
                            names of files in which to save
                              encrypted key and IV

O - Open a sealed file      name of file in which encrypted     decrypt encrypted key
                              content is saved                    with private key
                            name of file in which to save       decrypt encrypted content
                              recovered content                   with key
                            which private key to open with
                            data encryption algorithm
                            names of files in which encrypted
                              key and IV are saved

G - Generate a keypair      length of key in bits (508-1024)    generate RSA public/
                            name of file in which to save         private key pair
                              key pair

Q - Quit

(*) Initialization vector for cipher-block chaining mode.

NOTES

1. You select keys by number: '1', '2', or '3'. The first two key pairs are built in. The third is generated by RDEMO's 'Generate a key pair' command.

2. How you specify file names to RDEMO depends on your operating system. RDEMO recognizes the special file name '-' as the standard output stream (typically the screen display). You can usually cancel an RDEMO command by giving a blank line in response to a prompt for a parameter.

3. RDEMO reads and writes all files except the key pair file (which it only writes) in binary mode.

4. Message-digest algorithm choices are MD2 and MD5.

5. For data encryption, the choices are DES, DESX, two-key triple-DES (DES-EDE2), and three-key triple-DES (DES-EDE3).

6. If you want RDEMO not to display the main menu or any prompts, put the string '-s' on the command line when you start RDEMO. This is useful when RDEMO's input stream comes from a script file.

7. RDEMO seeds RSAREF's random number generator with a fixed value. As a result, RDEMO sessions with the same commands and parameters produce the same results. The use of a fixed seed value is not recommended for non-demonstration applications.
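
The consequence described in note 7, as an added example that is not part of RDEMO or RSAREF: each modelled session draws an 8-byte DES key and an 8-byte IV, as the sEal command does, and a check flags sessions whose key material repeats an earlier one. The generator is a SHA-256 stand-in, not RSAREF's; DemoGenerator, FIXED_SEED and all function names are hypothetical, and the seed value is constructed.

```python
import hashlib
import os


class DemoGenerator:
    """Stand-in deterministic generator (SHA-256 over state and counter).
    It is not RSAREF's generator; it only models 'same seed, same output'."""

    def __init__(self, seed):
        self._state = hashlib.sha256(seed).digest()
        self._counter = 0

    def generate(self, n):
        out = b""
        while len(out) < n:
            block = self._state + self._counter.to_bytes(8, "big")
            out += hashlib.sha256(block).digest()
            self._counter += 1
        return out[:n]


FIXED_SEED = b"constructed fixed seed"  # constructed value, not RDEMO's seed


def os_seed():
    """Fresh seed from the operating system's entropy source."""
    return os.urandom(32)


def seal_session(seed):
    """Model one sEal command: draw an 8-byte DES key, then an 8-byte IV."""
    rng = DemoGenerator(seed)
    return rng.generate(8), rng.generate(8)


def repeated_sessions(sessions):
    """Return indexes of sessions whose (key, IV) pair appeared earlier."""
    seen, repeats = set(), []
    for i, material in enumerate(sessions):
        if material in seen:
            repeats.append(i)
        seen.add(material)
    return repeats


def run(seed_source, count=3):
    """Run `count` independent sessions, seeding each from seed_source()."""
    return repeated_sessions([seal_session(seed_source()) for _ in range(count)])


if __name__ == "__main__":
    print("fixed seed, repeated sessions:", run(lambda: FIXED_SEED))
    print("OS seed, repeated sessions:   ", run(os_seed))
```

With the fixed seed every session after the first reuses the same key and IV, which is why the manual restricts this seeding to demonstration use.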