CSSM_DeriveKey
CSSM_RETURN CSSMAPI CSSM_DeriveKey
(CSSM_CC_HANDLE CCHandle,
const CSSM_KEY_PTR BaseKey,
CSSM_DATA_PTR Param,
uint32 KeyUsage,
uint32 KeyAttr,
const CSSM_DATA_PTR KeyLabel,
CSSM_KEY_PTR DerivedKey)
This function derives a new symmetric key using the context and information from the base key.
- CCHandle (input)
The handle that describes the context of this cryptographic operation.
- BaseKey (input)
The base key used to derive the new key. The base key may be a public key, a private key, or a symmetric key.
- Param (input/output)
This parameter varies depending on the derivation algorithm.
- KeyUsage (input/optional)
A bit mask indicating all permitted uses for the new derived key.
- KeyAttr (input/optional)
A bit mask defining attribute values for the new derived key.
- KeyLabel (input/optional)
Pointer to a byte string that will be used as the label for the derived key.
- DerivedKey (output)
A pointer to a CSSM_KEY structure that returns the derived key.
A CSSM return value. This function returns CSSM_OK if successful, and returns an error code if an error has occurred.
- CSSM_CSP_INVALID_CONTEXT_HANDLE
Invalid context handle.
- CSSM_CSP_INVALID_CONTEXT
Context type and operation do not match.
- CSSM_CSP_INVALID_ALGORITHM
Unknown algorithm.
- CSSM_CSP_INVALID_DATA_POINTER
Invalid input or output CSSM_DATA pointer.
- CSSM_CSP_INVALID_DATA
Invalid output CSSM_DATA buffer.
- CSSM_CSP_NOT_ENOUGH_BUFFER
The output buffer is not big enough.
- CSSM_CSP_INVALID_ALGORITHM
Unknown algorithm.
- CSSM_CSP_MEMORY_ERROR
Not enough memory to allocate.
- CSSM_CSP_OPERATION_UNSUPPORTED
Derive key service not supported.
- CSSM_CSP_OPERATION_FAILED
Cryptographic operation failed.
- CSSM_CSP_INVALID_SUBJECT_KEY
Invalid or missing BaseKey.
- CSSM_CSP_INVALID_KEYUSAGE_MASK
Specified usage mask for the key being derived is invalid.
- CSSM_CSP_KEYUSAGE_MASK_UNSUPPORTED
Requested usage mask for the key being derived is unsupported.
- CSSM_CSP_INVALID_KEYATTR_MASK
Specified attribute mask for the key being derived is invalid.
- CSSM_CSP_KEYATTR_MASK_UNSUPPORTED
Requested attribute mask for the key being derived is unsupported.
- CSSM_CSP_KEY_USAGE_INCORRECT
Usage mask on BaseKey does not allow key derivation.
- CSSM_CSP_INVALID_KEY
Invalid buffer specified for the DerivedKey parameter.
- CSSM_CSP_NOT_ENOUGH_BUFFER
The output DerivedKey buffer is not big enough.
- CSSM_CSP_KEY_ALGID_MISMATCH
The BaseKey does not match the operation.
- CSSM_CSP_KEY_KEYHEADER_INCONSISTENT
BaseKey header and BaseKey data is inconsistent.
- CSSM_CSP_KEY_FORMAT_INCORRECT
Unknown BaseKey format.
- CSSM_CSP_INVALID_ATTR_SEED
Invalid seed attribute in the context if caller provides the seed crypto data structure.
- CSSM_CSP_CALLBACK_FAILED
Seed callback function failed if caller provides a seed callback function.
- CSSM_CSP_INVALID_ATTR_PASSPHRASE
Invalid or missing passphrase attribute in the asymmetric context.
- CSSM_CSP_PASSPHRASE_INVALID
Passphrase length error or passphrase badly formed.
- CSSM_CSP_INVALID_ATTR_SALT
Invalid salt attribute if caller provides one.
- CSSM_CSP_INVALID_ATTR_INTERATION_COUNT
Invalid iteration count attribute or value.
- CSSM_CSP_INVALID_KEY_SIZE_IN_BITS
The key size in bits for BaseKey or DerivedKey is unsupported.
Comments
The KeyData field of the CSSM_KEY structure is not required to be allocated. In this case the memory required to represent the key is allocated by the CSP. The application is required to free this memory. The CSP will only allocate memory if the Data field of KeyData is NULL and the Length field is zero.
CSSM_CSP_CreateDeriveKeyContext
| Contents | Next section | Index |