SignData, CSSM_SignData, CSP_SignData - Sign all buffer
data (CDSA)
# include <cdsa/cssm.h>
API: CSSM_RETURN CSSMAPI CSSM_SignData (CSSM_CC_HANDLE
CCHandle, const CSSM_DATA *DataBufs, uint32 DataBufCount,
CSSM_ALGORITHMS DigestAlgorithm, CSSM_DATA_PTR Signature)
SPI: CSSM_RETURN CSSMCSPI CSP_SignData (CSSM_CSP_HANDLE
CSPHandle, CSSM_CC_HANDLE CCHandle, const CSSM_CONTEXT
*Context, const CSSM_DATA *DataBufs, uint32 DataBufCount,
CSSM_ALGORITHMS DigestAlgorithm, CSSM_DATA_PTR Signature)
Common Security Services Manager library (libcssm.so)
The handle that describes the context of this cryptographic
operation used to link to the CSP-managed information.
A pointer to a vector of CSSM_DATA structures that
contain the data to be signed. The number of DataBufs to
be signed. If signing just a digest, specifies the type
of digest. In this case, the context should only specify
the encryption algorithm. If not signing just a digest, it
must be CSSM_ALGID_NONE. In this case, the context should
specify the combination digest/encryption algorithm. A
pointer to the CSSM_DATA structure for the signature.
The handle that describes the add-in cryptographic service
provider module used to perform up calls to CSSM for the
memory functions managed by CSSM. Pointer to CSSM_CONTEXT
structure that describes the attributes with this context.
This function signs all data contained in the set of input
buffers using the private key specified in the context.
The CSP can require that the cryptographic context include
access credentials for authentication and authorization
checks when using a private key or a secret key.
Signing can include digesting the data and encrypting the
digest or signing just the digest (already calculated by
the application). If digesting the data and encrypting the
digest, then the context should specify the combination
digest/encryption algorithm (for example,
CSSM_ALGID_MD5WithRSA). In this case, the DigestAlgorithm
parameter must be set to CSSM_ALGID_NONE. If signing just
the digest, then the context should specify just the
encryption algorithm and the DigestAlgorithm parameter
should specify the type of digest (for example,
CSSM_ALGID_MD5). Also, DataBufCount must be 1.
If the signing algorithm is not reversible or strictly
limits the size of the signed data, then the algorithm can
specify signing without digesting. In this case, the sign
operation is performed on the input data and the size of
the input data is restricted by the service provider.
The output is returned to the caller either by filling the
caller-specified buffer or by using the application's
declared memory allocation functions to allocate buffer
space. To specify a specific, preallocated output buffer,
the caller must provide an array of one or more CSSM_DATA
structures each, containing a Length field value greater
than zero and a non-NULL data pointer field value. To
specify automatic output buffer allocation by the CSP, the
caller must provide an array of one or more CSSM_DATA
structures, each containing a Length field value equal to
zero and a NULL data pointer field value. The application
is always responsible for deallocating the memory when it
is no longer needed.
The output is returned to the caller as specifed in
Buffer Management for Cryptographic Services.
A CSSM_RETURN value indicating success or specifying a
particular error condition. The value CSSM_OK indicates
success. All other values represent an error condition.
Errors are described in the CDSA technical standard. See
CDSA_intro(3). CSSMERR_CSP_OUTPUT_LENGTH_ERROR CSSMERR_CSP_INVALID_DIGEST_ALGORITHM
Books
Intel CDSA Application Developer's Guide (see
CDSA_intro(3))
Reference Pages [Toc] [Back]
Functions for the CSSM API:
CSSM_VerifyData(3), CSSM_SignDataInit(3), CSSM_SignDataUpdate(3), CSSM_SignDataFinal(3)
Functions for the CSP SPI:
CSP_VerifyData(3), CSP_SignDataInit(3), CSP_SignDataUpdate(3), CSP_SignDataFinal(3)
SignData(3)
[ Back ] | 