Index Index for
Section 3
Index Alphabetical
listing for C
Bottom of page Bottom of
page		 

CSSM_CSP_CreateDeriveKeyContext(3)


NAME

  CSSM_CSP_CreateDeriveKeyContext - Create a cryptographic context to derive
  a symmetric key (CDSA)


SYNOPSIS

  # include <cdsa/cssm.h>

       CSSM_RETURN CSSMAPI CSSM_CSP_CreateDeriveKeyContext
       (CSSM_CSP_HANDLE CSPHandle,
       CSSM_ALGORITHMS AlgorithmID,
       CSSM_KEY_TYPE DeriveKeyType,
       uint32 DeriveKeyLengthInBits,
       const CSSM_ACCESS_CREDENTIALS *AccessCred,
       const CSSM_KEY *BaseKey,
       uint32 IterationCount,
       const CSSM_DATA *Salt,
       const CSSM_CRYPTO_DATA *Seed,
       CSSM_CC_HANDLE *NewContextHandle)


LIBRARY

  Common Security Services Manager library (libcssm.so)


PARAMETERS

  CSPHandle (input)
	  The handle that describes the add-in cryptographic service provider
	  module used to perform this function. If a NULL handle is
	  specified, CSSM returns an error.

  AlgorithmID (input)
	  The algorithm identification number for a derived key algorithm.

  DeriveKeyType (input)
	  The type of symmetric key to derive.

  DeriveKeyLengthInBits (input)
	  The logical length of the key in bits to be derived (
	  LogicalKeySizeInBits)

  AccessCred (input/optional)
	  A pointer to the set of one or more credentials required to access
	  the base key. The credentials structure can contain an immediate
	  value for the credential, such as a passphrase, or the caller can
	  specify a callback function the CSP can use to obtain one or more
	  credentials. If the BaseKey is NULL, then this parameter is
	  optional.

  BaseKey (input/optional)
	  The base key used to derive the new key. The base key can be a
	  public key, a private key, or a symmetric key

  IterationCount (input/optional)
	  The number of iterations to be performed during the derivation
	  process.  Used heavily by password-based derivation methods.

  Salt (input/optional)
	  A Salt used in deriving the key.

  Seed (input/optional)
	  A seed used to generate a random number. The caller can either pass
	  a seed and seed length in bytes or pass a callback function. If
	  Seed is NULL, the cryptographic service provider will use its
	  default seed-handling mechanism.

  NewContextHandle (output)
	  Cryptographic context handle.


DESCRIPTION

  This function creates a cryptographic context to derive a symmetric key,
  given a handle of a CSP, an algorithm, the type of symmetric key to derive,
  the length of the derived key, and an optional seed or an optional
  AccessCredentials structure from which to derive a new key. The
  cryptographic context handle is returned. The cryptographic context handle
  can be used for calling the cryptographic derive key function.


RETURN VALUE

  A CSSM_RETURN value indicating success or specifying a particular error
  condition. The value CSSM_OK indicates success. All other values represent
  an error condition.


SEE ALSO

  Books

  Intel CDSA Application Developer's Guide (see CDSA_intro(3))

  Reference Pages

  Functions: CSSM_DeriveKey(3)

Index Index for
Section 3
Index Alphabetical
listing for C
Top of page Top of
page