Previous section.

Common Security: CDSA and CSSM
Copyright © 1997 The Open Group

NAME

CSSM_KR_GenerateRecoveryFields

SYNOPSIS

CSSM_CC_HANDLE CSSMAPI CSSM_KR_GenerateRecoveryFields
    (CSSM_CC_HANDLE KeyRecoveryContext,
    CSSM_CC_HANDLE CryptoContext,
    CSSM_DATA_PTR KRSPOptions,
    uint32 KRFlags,
    CSSM_DATA_PTR KRFields)

DESCRIPTION

This function generates the key recovery fields for a cryptographic association given the key recovery context, the session specific key recovery attributes, and the handle to the cryptographic context containing the key that is to be made recoverable. The session attributes and the flags are not interpreted at the KRMM layer. A non-NULL cryptographic context handle is returned if the key recovery field generation was successful. This returned handle can be used for the encrypt APIs of the CSSM. The generated key recovery fields are returned as an output parameter. The KRFlags parameter may be used to fine tune the contents of the KRFields produced by this operation.

PARAMETERS

KeyRecoveryContext (input)

The handle to the key recovery context for the cryptographic association.

CryptoContext (input)

The cryptographic context handle that points to the session key.

KRSPOptions (input)

The key recovery service provider specific options. These options are not interpreted by the KRMM, but passed on to the KRSP.

KRFlags (input)

Flag values for key recovery fields generation. Defined values are:

  • KR_INDIV-signifies that only the individual key recovery fields are to be generated

  • KR_ENT-signifies that only the enterprise key recovery fields are to be generated

  • KR_LE-signifies that only the law enforcement key recovery fields are to be generated

  • KR_OPTIMIZE-signifies that performance optimization options are to be adopted by a KRSP while implementing this operation

  • KR_DROP_WORKFACTOR-signifies that the key recovery fields should be generated without using the key size work factor.

KRFields (output)

The key recovery fields in the form of an uninterpreted data blob.

RETURN VALUES

A cryptographic context handle is returned. This handle is NULL if the generation of the key recovery fields was not successful.

ERRORS

CSSM_KR_INVALID_CC_HANDLE

Invalid crypto context handle.

CSSM_KR_INVALID_KRC_HANDLE

Invalid key recovery context handle.

CSSM_KR_INVALID_OPTIONS

Invalid recovery options.

CSSM_MEMORY_ERROR

Memory error.

Why not acquire a nicely bound hard copy?
Click here to return to the publication details or order a copy of this publication.
You should also read the legal notice explaining the terms and conditions relating to the CDSA documentation.

Contents Next section Index