Previous section.

Common Security: CDSA and CSSM
Copyright © 1997 The Open Group

NAME

KRSP_GenerateRecoveryFields

SYNOPSIS

CSSM_RETURN CSSMKRSPI KRSP_GenerateRecoveryFields
    (CSSM_KRSP_HANDLE KRSPHandle,
    CSSM_CC_HANDLE KREnablementContextHandle,
    const CSSM_CONTEXT_PTR KREnablementContext,
    CSSM_CC_HANDLE CryptoContextHandle,
    const CSSM_CONTEXT_PTR CryptoContext,
    CSSM_DATA_PTR KRSPOptions,
    uint32 KRFlags,
    CSSM_DATA_PTR KRFields)

DESCRIPTION

This function generates the key recovery fields for a cryptographic association given the key recovery context, and the cryptographic context containing the key that is to be made recoverable. The session attribute and the flags are interpreted by the KRSP. A set of key recovery fields (KRFields) is returned if the function is successful. The KRFlags parameter may be used to fine tune the contents of the KRFields produced by this operation.

PARAMETERS

KRSPHandle (input)

The handle that describes the add-in key recovery service provider module used to perform up calls to CSSM for the memory functions managed by CSSM.

KREnablementContextHandle (input)

The handle that describes the context of this key recovery operation used to link to the KRSP-managed information.

KREnablementContext (input)

Pointer to CSSM_CONTEXT structure that describes the attributes with this key recovery context.

CryptoContextHandle (input)

The handle that describes the cryptographic context used to link to the CSP-managed information.

CryptoContext (input)

Pointer to CSSM_CONTEXT structure that describes the attributes of the cryptographic context.

KRSPOptions (input)

The key recovery service provider specific options. These options are uninterpreted by the SKMF, but passed on to the KRSP.

KRFlags (input)

Flag values for key recovery fields generation. Defined values are:

  • KR_INDIV-signifies that the individual key recovery fields should be generated.

  • KR_ENT-signifies that the enterprise key recovery fields should be generated.

  • KR_LE_MAN-signifies that the law enforcement key recovery fields pertaining to the manufacturing jurisdiction should be generated.

  • KR_LE_USE-signifies that the law enforcement key recovery fields pertaining to the jurisdiction of use should be generated.

  • KR_OPTIMIZE-signifies that performance optimization options are to be adopted by a KRSP while implementing this operation.

  • KR_DROP_WORKFACTOR-signifies that the key recovery fields should be generated without using the key size work factor.

KRFields (output)

The key recovery fields in the form of a data blob.

RETURN VALUE

A CSSM return value. This function returns CSSM_OK if successful and returns an error if an error has occurred.

ERRORS

CSSM_KR_INVALID_CC_HANDLE

Invalid crypto context handle.

CSSM_KR_INVALID_KRC_HANDLE

Invalid key recovery context handle.

CSSM_KR_INVALID_OPTIONS

Invalid recovery options.

CSSM_MEMORY_ERROR

Memory error.

Why not acquire a nicely bound hard copy?
Click here to return to the publication details or order a copy of this publication.
You should also read the legal notice explaining the terms and conditions relating to the CDSA documentation.

Contents Next section Index