--- rsaref/doc/rdemo.txt 2018/04/24 16:37:52 1.1 +++ rsaref/doc/rdemo.txt 2018/04/24 16:38:24 1.1.1.2 @@ -1,21 +1,24 @@ RDEMO: - Demonstration program for RSAREF - User's manual + Demonstation Program for RSAREF(TM) + User's Manual RSA Laboratories - March 2, 1992 + March 21, 1994 - Copyright (C) 1991-2 RSA Laboratories, a division of RSA Data + Version 2.0 + + Copyright (C) 1991-4 RSA Laboratories, a division of RSA Data Security, Inc. -This note describes RDEMO, a demonstration program included with the -RSAREF cryptographic toolkit. +This note describes RDEMO, a program that demonstrates features +of the RSAREF cryptographic toolkit. RDEMO is a simple program that exercises RSAREF's cryptographic -operations. With RDEMO three "users" can perform the cryptographic -operations of signing, sealing, verifying, and opening files, as well -as generating key pairs. +operations. With RDEMO, you can perform the cryptographic operations +of signing, sealing, verifying, and opening files, as well as +generating key pairs. There can be up to three different key pairs, +so you can simulate a multi-user environment. RDEMO has a main menu with six commands. The main menu is displayed when you start up RDEMO, and is displayed again after RDEMO performs 
@@ -25,40 +28,42 @@ such as file names. RDEMO's commands and their parameters are summarized in the following table. +Note that these commands have the same names, but different +parameters and functions than those in version 1.0. There is no +maximum file size in the new program. The old program has been +renamed to OLDRDEMO. + RDEMO COMMAND PARAMETERS S - Sign a file name of file - sign contents with private whether you want content encoded - key which user you want to sign as - optionally encode contents name of file in which to save - in PEM character set(*) signature - name of file in which to save encoded - content(**) + digest content which private key to sign with + encrypt digest with message-digest algorithm + private key name of file in which to save + signature + +V - Verify a signed file name of file + digest content which public key to verify with + decrypt signature with message-digest algorithm + public key name of file in which signature is + compare result to digest saved E - sEal a file name of file - sign contents with private which user you want to sign as - key which user you want to seal for - generate random DES key names of four files in which to save - IV(***) encrypted signature, encrypted key, - encrypt content, signature IV and encrypted content - with DES key - -V - Verify a signed file whether content is encoded - decode contents if encoded names of two files in which (possibly - in PEM character set encoded) content and signature are - verify signature on saved - contents with public key which user signed the file - name of file in which to save - recovered content(**) - -O - Open a sealed file names of four files in which encrypted - decrypt encrypted DES key content, encrypted signature, - with private key, encrypted key and IV are saved - decrypt encrypted content which user signed the file - signature with DES key which user the file was sealed for - verify signature on name of file in which to save - contents with public key 
recovered content + generate random data name of file in which to save + encryption key, IV(*) encrypted content + encrypt key with public which public key to seal with + key data encryption algorithm + encrypt content with key names of files in which to save + encrypted key and IV + +O - Open a sealed file name of file in which encrypted + decrypt encrypted key content is saved + with private key name of file in which to save + decrypt encrypted content recovered content + with key which private key to open with + data encryption algorithm + names of files in which encrypted key + and IV are saved G - Generate a keypair length of key in bits (508-1024) generate RSA public/ name of file in which to save key pair @@ -67,18 +72,14 @@ G - Generate a keypair length o Q - Quit -(*) A 65-character subset of ASCII defined in RFC 1113. Most other - quantities are encoded in this set automatically. -(**) Only if content is encoded. -(***) Initialization vector for cipher-block chaining mode of DES. +(*) Initialization vector for cipher-block chaining mode. NOTES - 1. You select a user by number: '1', '2', or '3'. The first two - users have built-in RSA key pairs. The third user's key pair is - the one generated by RDEMO's 'Generate a key pair' command. The - third user is not active until the key pair is generated. + 1. You select keys by number: '1', '2', or '3'. The first two key + pairs are built in. The third is generated by RDEMO's 'Generate a + key pair' command. 2. How you specify file names to RDEMO depends on your operating system. RDEMO recognizes the special file name '-' as the 
@@ -86,25 +87,20 @@ NOTES usually cancel an RDEMO command by giving a blank line in response to a prompt for a parameter. - 3. RDEMO reads most files and writes all files in binary mode. The - only exceptions are the files containing contents to be signed - or sealed. Those files are read in text mode, one line at a - time, with RDEMO replacing any and delimiters with a - pair before encrypting, computing a message digest, or - encoding in printable ASCII. The processing compensates - for differences in line delimiters in different operating - systems. RDEMO has a maximum file size of 1000 bytes. - - 4. RDEMO defaults to the MD5 message-digest algorithm for all - signatures. If you want the MD2 message-digest algorithm, put - the string '-2' on the command line when you start RDEMO. + 3. RDEMO reads and writes all files except the key pair file (which + it only writes) in binary mode. + + 4. Message-digest algorithm choices are MD2 and MD5. + + 5. For data encryption, the choices are DES, DESX, two-key + triple-DES (DES-EDE2), and three-key triple-DES (DES-EDE3). - 5. If you want RDEMO not to display the main menu or any prompts, + 6. If you want RDEMO not to display the main menu or any prompts, put the string '-s' on the command line when you start RDEMO. This is useful when RDEMO's input stream comes from a script file. - 6. RDEMO seeds RSAREF's random number generator with a fixed value. + 7. RDEMO seeds RSAREF's random number generator with a fixed value. As a result, RDEMO sessions with the same commands and parameters produce the same results. The use of a fixed seed value is not recommended for non-demonstration applications.
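
Review bot: "Demonstation" in the added title line of the first hunk (@@ -1,21 +1,24 @@) is misspelled; it should read "Demonstration Program for RSAREF(TM)". The removed line had the correct spelling, so this is a regression in the header of the manual.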
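
Review bot: The new "E - sEal a file" entry in the command table (@@ -25,40 +28,42 @@) no longer lists a signing step, where the old entry began with "sign contents with private key", yet the added note only says the commands have "different parameters and functions". Suggest stating explicitly that a sealed file is now encrypted only and carries no signature, and that S has to be run separately when the recipient needs to verify who produced the content. The same note would also read better as "different parameters and functions from those in version 1.0".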
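
Review bot: The rewritten note 1 (@@ -67,18 +72,14 @@) drops the old sentence "The third user is not active until the key pair is generated" without a replacement, so the manual no longer says what happens when key '3' is selected before the G command has been run. Suggest keeping an equivalent sentence in the new wording, for example "The third key pair is not available until it has been generated."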
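
Review bot: New note 3 (@@ -86,25 +87,20 @@) says files are read in binary mode but does not mention that the line-delimiter handling described in the removed text is gone, so the digest of a text file now depends on the line endings it was saved with. Suggest adding a sentence saying that content is signed and sealed byte for byte with no line-ending conversion. Note 4 should also say which of MD2 and MD5 is offered by default, and that the '-2' command-line option from the removed text no longer applies, if that is the case.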