*nix Documentation Project
·  Home
 +   man pages
·  Linux HOWTOs
·  FreeBSD Tips
·  *niX Forums

  man pages->Tru64 Unix man pages -> WrapKey (3)              
Title
Content
Arch
Section
 

WrapKey(3)

Contents


NAME    [Toc]    [Back]

       WrapKey,  CSSM_WrapKey, CSP_WrapKey - Wrap a key using the
       context (CDSA)

SYNOPSIS    [Toc]    [Back]

       # include <cdsa/cssm.h>

       API:  CSSM_RETURN  CSSMAPI  CSSM_WrapKey   (CSSM_CC_HANDLE
       CCHandle, const CSSM_ACCESS_CREDENTIALS *AccessCred, const
       CSSM_KEY   *Key,   const    CSSM_DATA    *DescriptiveData,
       CSSM_WRAP_KEY_PTR  WrappedKey)  SPI:  CSSM_RETURN CSSMCSPI
       CSP_WrapKey  (CSSM_CSP_HANDLE  CSPHandle,   CSSM_CC_HANDLE
       CCHandle,     const     CSSM_CONTEXT    *Context,    const
       CSSM_ACCESS_CREDENTIALS *AccessCred, const CSSM_KEY  *Key,
       const    CSSM_DATA   *DescriptiveData,   CSSM_WRAP_KEY_PTR
       WrappedKey, CSSM_PRIVILEGE Privilege)

LIBRARY    [Toc]    [Back]

       Common Security Services Manager library (libcssm.so)

API PARAMETERS    [Toc]    [Back]

       The handle to the  context  that  describes  this  cryptographic
  operation.   A  pointer to the set of one or more
       credentials required to access the private or  secret  key
       to be exported from the CSP. The credentials structure can
       contain an immediate value for the credential, such  as  a
       passphrase,  or the caller can specify a callback function
       the CSP can use to obtain  one  or  more  credentials.   A
       pointer  to  the  key  to  be  wrapped.   A  pointer  to a
       CSSM_DATA structure containing additional descriptive data
       to  be  associated  and  included  with the key during the
       wrapping operation.  The caller and the wrapping algorithm
       incorporate  knowledge of the structure of the descriptive
       data. If the wrapping algorithm does not accept additional
       descriptive data, then this parameter must be NULL. If the
       wrapping algorithm accepts descriptive  data,  the  corresponding
  unwrapping  algorithm can be used to extract the
       descriptive  data  and  the   key.    A   pointer   to   a
       CSSM_WRAP_KEY structure that returns the wrapped key.

SPI PARAMETERS    [Toc]    [Back]

       The handle that describes the add-in cryptographic service
       provider module used to perform up-calls to CSSM  for  the
       memory functions managed by CSSM.  Pointer to CSSM_CONTEXT
       structure that describes the attributes with this context.
       The  export  privilege  to  be  applied during the cryptographic
 operation. This parameter is forwarded to the  CSP
       after CSSM verifies the caller and service provider privilege
 set includes the specified PRIVILEGE.

DESCRIPTION    [Toc]    [Back]

       This function wraps the supplied key using the context. It
       allows  a  key  to  be  exported from a CSP. Four types of
       wrapping exist: Wrap a symmetric key with a symmetric key.
       Wrap  a symmetric key with an asymmetric public key.  Wrap
       an asymmetric private key with a symmetric key.   Wrap  an
       asymmetric private key with an asymmetric public key.

       For types 1 and 3, a symmetric context should be provided.
       For types 2 and 4, an asymmetric context is  provided.  If
       there  is  a CSSM_ATTRIBUTE_WRAPPED_KEY_FORMAT argument in
       the context represented by the CCHandle, the value of  the
       attribute specifies the format of the wrapped key. If this
       argument is not present,  the  symmetric  key  is  wrapped
       according to CMS for types 1 and 3, and according to PKCS8
       for types 2 and 4. If the wrapping algorithm in  the  context
  is  CSSM_ALGID_NONE, then the key is returned in raw
       format, if permitted and supported by  the  CSP  (in  this
       case  the  CSSM_ATTRIBUTE_WRAPPED_KEY_FORMAT  attribute is
       ignored). All significant key attributes are  incorporated
       into  the  KeyHeader of the returned WrappedKey, such that
       the state of the key can be fully restored by  the  unwrap
       process.

       The   CSP  can  require  that  the  cryptographic  context
       includes access credentials for authentication and  authorization
 checks when using the secret or private key.

NOTES    [Toc]    [Back]

       The  KeyData  field of the CSSM_KEY structure is allocated
       by the CSP. The application is required to free this  memory
  using the CSSM_FreeKey() (CSSM API), or CSP_FreeKey()
       (CSP SPI) function, or with the  memory  functions  registered
 for the CSPHandle.

RETURN VALUE    [Toc]    [Back]

       A  CSSM_RETURN  value  indicating  success or specifying a
       particular error condition. The  value  CSSM_OK  indicates
       success. All other values represent an error condition.

ERRORS    [Toc]    [Back]

       Errors  are described in the CDSA technical standard.  See
       CDSA_intro(3).

       None specific to this call.

SEE ALSO    [Toc]    [Back]

      
      
       Books

       Intel   CDSA   Application    Developer's    Guide    (see
       CDSA_intro(3))

       Reference Pages    [Toc]    [Back]

       Functions for the CSSM API:

       CSSM_UnwrapKey(3)

       Functions for the CSP SPI:

       CSP_UnwrapKey(3)



                                                       WrapKey(3)
[ Back ]
 Similar pages
Name OS Title
WrapKeyP Tru64 Wrap a key with privilege (CDSA)
CSSM_GetContextAttribute Tru64 Get context attribute (CDSA)
CSSM_GetContext Tru64 Get context information (CDSA)
MDS_Terminate Tru64 Terminate the MDS service context (CDSA)
MDS_Initialize Tru64 Initiate service context with MDS (CDSA)
CSSM_SetContext Tru64 Replace all context information (CDSA)
CSSM_DeleteContext Tru64 Free the context structure (CDSA)
CSSM_UpdateContextAttributes Tru64 Update context attribute values (CDSA)
CSSM_FreeContext Tru64 Free memory associated with the context structure (CDSA)
CSSM_CSP_CreateDigestContext Tru64 Create a digest cryptographic context (CDSA)
Copyright © 2004-2005 DeniX Solutions SRL
newsletter delivery service