CSSM_CSP_CreateDeriveKeyContext(3)CSSM_CSP_CreateDeriveKeyContext(3)NAMECSSM_CSP_CreateDeriveKeyContext - Create a cryptographic context to
derive a symmetric key (CDSA)
SYNOPSIS
# include <cdsa/cssm.h>
CSSM_RETURN CSSMAPI CSSM_CSP_CreateDeriveKeyContext (CSSM_CSP_HANDLE
CSPHandle, CSSM_ALGORITHMS AlgorithmID, CSSM_KEY_TYPE DeriveKeyType,
uint32 DeriveKeyLengthInBits, const CSSM_ACCESS_CREDENTIALS *Access‐
Cred, const CSSM_KEY *BaseKey, uint32 IterationCount, const CSSM_DATA
*Salt, const CSSM_CRYPTO_DATA *Seed, CSSM_CC_HANDLE *NewContextHandle)
LIBRARY
Common Security Services Manager library (libcssm.so)
PARAMETERS
The handle that describes the add-in cryptographic service provider
module used to perform this function. If a NULL handle is specified,
CSSM returns an error. The algorithm identification number for a
derived key algorithm. The type of symmetric key to derive. The logi‐
cal length of the key in bits to be derived ( LogicalKeySizeInBits) A
pointer to the set of one or more credentials required to access the
base key. The credentials structure can contain an immediate value for
the credential, such as a passphrase, or the caller can specify a call‐
back function the CSP can use to obtain one or more credentials. If the
BaseKey is NULL, then this parameter is optional. The base key used to
derive the new key. The base key can be a public key, a private key, or
a symmetric key The number of iterations to be performed during the
derivation process. Used heavily by password-based derivation methods.
A Salt used in deriving the key. A seed used to generate a random num‐
ber. The caller can either pass a seed and seed length in bytes or pass
a callback function. If Seed is NULL, the cryptographic service
provider will use its default seed-handling mechanism. Cryptographic
context handle.
DESCRIPTION
This function creates a cryptographic context to derive a symmetric
key, given a handle of a CSP, an algorithm, the type of symmetric key
to derive, the length of the derived key, and an optional seed or an
optional AccessCredentials structure from which to derive a new key.
The cryptographic context handle is returned. The cryptographic context
handle can be used for calling the cryptographic derive key function.
RETURN VALUE
A CSSM_RETURN value indicating success or specifying a particular error
condition. The value CSSM_OK indicates success. All other values repre‐
sent an error condition.
SEE ALSO
Books
Intel CDSA Application Developer's Guide (see CDSA_intro(3))
Reference Pages
Functions: CSSM_DeriveKey(3)CSSM_CSP_CreateDeriveKeyContext(3)