
Common Security: CDSA and CSSM
Copyright © 1997 The Open Group




    uint32 AlgorithmID,
    const CSSM_CRYPTO_DATA_PTR PassPhrase,
    uint32 KeySizeInBits,
    const CSSM_CRYPTO_DATA_PTR Seed,
    const CSSM_DATA_PTR Salt,
    const CSSM_DATA_PTR StartDate,
    const CSSM_DATA_PTR EndDate,
    const CSSM_DATA_PTR Params)


This function creates a key generation cryptographic context, given a handle of a CSP, an algorithm identification number, a pass phrase, a modulus size (for public/private keypair generation), a key size (for symmetric key generation), a seed, salt, and a label. The cryptographic context handle is returned. The cryptographic context handle can be used to call key/keypair generation functions.


CSPHandle (input)

The handle that describes the add-in cryptographic service provider module used to perform this function. If a NULL handle is specified, CSSM returns an error.

AlgorithmID (input)

The algorithm identification number of the algorithm used for key generation.

PassPhrase (input)

The passphrase is required to unlock the private key. The passphrase structure accepts an immediate value for the passphrase or the caller can specify a callback function the CSP can use to obtain the passphrase. The passphrase is needed only for signature operations, not verify operations. Once the new key is created, the passphrase or nickname must be provided in all future references to access the private or symmetric key.

KeySizeInBits (input)

The logical size of the key (specified in bits). This refers to either the actual key size (for symmetric key generation) or the modulus size (for asymmetric key pair generation). This is the effective key size.

Seed (input/optional)

A seed used to generate the key. The caller can either pass a seed and seed length in bytes or pass in a callback function. If NULL is passed, the cryptographic service provider will use its default seed handling mechanism.

Salt (input/optional)

A salt used to generate the key.

StartDate (input/optional)

A start date for the validity period of the key or key pair being generated.

EndDate (input/optional)

An end date for the validity period of the key or key pair being generated.

Params (input/optional)

A data buffer containing parameters required to generate a key pair for a specific algorithm.


Returns a cryptographic context handle. If the handle is NULL, an error has occurred. Use CSSM_GetError to obtain the error code.



Invalid provider handle.


Internal memory error.


CSSM_GenerateKey, CSSM_GenerateKeyPair,
CSSM_GetContext, CSSM_SetContext,
CSSM_DeleteContext, CSSM_GetContextAttribute,
