CSSM_WrapKey man page on DigitalUNIX

Man page or keyword search:  
man Server   12896 pages
apropos Keyword Search (all sections)
Output format
DigitalUNIX logo
[printable version]

WrapKey(3)							    WrapKey(3)

       WrapKey,	 CSSM_WrapKey,	CSP_WrapKey  -	Wrap  a	 key using the context

       # include <cdsa/cssm.h>

       CSSM_ACCESS_CREDENTIALS	 *AccessCred,	const	CSSM_KEY  *Key,	 const
       CSSM_DATA   *DescriptiveData,   CSSM_WRAP_KEY_PTR   WrappedKey)	  SPI:
       CSSM_CC_HANDLE	CCHandle,   const   CSSM_CONTEXT    *Context,	 const
       CSSM_ACCESS_CREDENTIALS	 *AccessCred,	const	CSSM_KEY  *Key,	 const
       CSSM_DATA *DescriptiveData, CSSM_WRAP_KEY_PTR  WrappedKey,  CSSM_PRIVI‐
       LEGE Privilege)

       Common Security Services Manager library (libcssm.so)

       The  handle to the context that describes this cryptographic operation.
       A pointer to the set of one or more credentials required to access  the
       private	or  secret  key	 to  be exported from the CSP. The credentials
       structure can contain an immediate value for the credential, such as  a
       passphrase,  or	the caller can specify a callback function the CSP can
       use to obtain one or more credentials.  A pointer  to  the  key	to  be
       wrapped.	  A  pointer  to  a  CSSM_DATA structure containing additional
       descriptive data to be associated and included with the key during  the
       wrapping	 operation.  The caller and the wrapping algorithm incorporate
       knowledge of the structure of the descriptive  data.  If	 the  wrapping
       algorithm does not accept additional descriptive data, then this param‐
       eter must be NULL. If the wrapping algorithm accepts descriptive	 data,
       the  corresponding  unwrapping  algorithm  can  be  used to extract the
       descriptive data and the key.  A pointer to a  CSSM_WRAP_KEY  structure
       that returns the wrapped key.

       The  handle  that  describes  the add-in cryptographic service provider
       module used to perform up-calls to CSSM for the memory  functions  man‐
       aged  by	 CSSM.	 Pointer  to CSSM_CONTEXT structure that describes the
       attributes with this context.  The export privilege to be applied  dur‐
       ing the cryptographic operation. This parameter is forwarded to the CSP
       after CSSM verifies the	caller	and  service  provider	privilege  set
       includes the specified PRIVILEGE.

       This function wraps the supplied key using the context. It allows a key
       to be exported from a CSP. Four types of wrapping exist: Wrap a symmet‐
       ric  key with a symmetric key.  Wrap a symmetric key with an asymmetric
       public key.  Wrap an asymmetric private key with a symmetric key.  Wrap
       an asymmetric private key with an asymmetric public key.

       For  types 1 and 3, a symmetric context should be provided. For types 2
       and  4,	an  asymmetric	context	  is   provided.   If	there	is   a
       CSSM_ATTRIBUTE_WRAPPED_KEY_FORMAT  argument  in the context represented
       by the CCHandle, the value of the attribute specifies the format of the
       wrapped	key.  If  this	argument  is not present, the symmetric key is
       wrapped according to CMS for types 1 and 3, and according to PKCS8  for
       types   2   and	4.  If	the  wrapping  algorithm  in  the  context  is
       CSSM_ALGID_NONE, then the key is returned in raw format,	 if  permitted
       and     supported     by	    the	    CSP	    (in	   this	   case	   the
       CSSM_ATTRIBUTE_WRAPPED_KEY_FORMAT attribute is ignored).	 All  signifi‐
       cant key attributes are incorporated into the KeyHeader of the returned
       WrappedKey, such that the state of the key can be fully restored by the
       unwrap process.

       The CSP can require that the cryptographic context includes access cre‐
       dentials for authentication and authorization  checks  when  using  the
       secret or private key.

       The  KeyData  field  of the CSSM_KEY structure is allocated by the CSP.
       The  application	 is  required  to   free   this	  memory   using   the
       CSSM_FreeKey() (CSSM API), or CSP_FreeKey() (CSP SPI) function, or with
       the memory functions registered for the CSPHandle.

       A CSSM_RETURN value indicating success or specifying a particular error
       condition. The value CSSM_OK indicates success. All other values repre‐
       sent an error condition.

       Errors  are  described	in   the   CDSA	  technical   standard.	   See

       None specific to this call.


       Intel CDSA Application Developer's Guide (see CDSA_intro(3))

       Reference Pages

       Functions for the CSSM API:


       Functions for the CSP SPI:



List of man pages available for DigitalUNIX

Copyright (c) for man pages and the logo by the respective OS vendor.

For those who want to learn more, the polarhome community provides shell access and support.

[legal] [privacy] [GNU] [policy] [cookies] [netiquette] [sponsors] [FAQ]
Polarhome, production since 1999.
Member of Polarhome portal.
Based on Fawad Halim's script.
Vote for polarhome
Free Shell Accounts :: the biggest list on the net