DecryptData(3)DecryptData(3)NAME
DecryptData, CSSM_DecryptData, CSP_DecryptData - Decrypt buffer data
(CDSA)
SYNOPSIS
# include <cdsa/cssm.h>
API: CSSM_RETURN CSSMAPI CSSM_DecryptData (CSSM_CC_HANDLE CCHandle,
const CSSM_DATA *CipherBufs, uint32 CipherBufCount, CSSM_DATA_PTR
ClearBufs, uint32 ClearBufCount, uint32 *bytesDecrypted, CSSM_DATA_PTR
RemData) SPI: CSSM_RETURN CSSMCSPI CSP_DecryptData (CSSM_CSP_HANDLE
CSPHandle, CSSM_CC_HANDLE CCHandle, const CSSM_CONTEXT *Context, const
CSSM_DATA *CipherBufs, uint32 CipherBufCount, CSSM_DATA_PTR ClearBufs,
uint32 ClearBufCount, uint32 *bytesDecrypted, CSSM_DATA_PTR RemData,
CSSM_PRIVILEGE Privilege)
LIBRARY
Common Security Services Manager library (libcssm.so)
API PARAMETERS
The handle that describes the context of this cryptographic operation
used to link to the CSP-managed information. A pointer to a vector of
CSSM_DATA structures that contain the data to be decrypted. The number
of CipherBufs. A pointer to a vector of CSSM_DATA structures that con‐
tain the decrypted data resulting from the decryption operation. The
number of ClearBufs. A pointer to uint32 for the size of the decrypted
data in bytes. A pointer to the CSSM_DATA structure for the remaining
plain text if there is not enough buffer space available in the output
data structures.
SPI PARAMETERS
The handle that describes the add-in cryptographic service provider
module used to perform calls to CSSM for the memory functions managed
by CSSM. A pointer to CSSM_CONTEXT structure that describes the
attributes with this context. The export privilege to be applied dur‐
ing the cryptographic operation. This parameter is forwarded to the CSP
after CSSM verifies the caller and service provider privilege set
includes the specified PRIVILEGE.
DESCRIPTION
This function decrypts all data contained in the set of input buffers
using information in the context. The CSSM_QuerySize() (CSSM API), or
CSP_QuerySize() (CSP SPI), function can be used to estimate the output
buffer size required. The minimum number of buffers required to contain
the resulting plain text is produced as output. If the plain text
result does not fit within the set of output buffers, the remaining
plain text is returned in the single output buffer RemData.
The CSP can require that the cryptographic context include access cre‐
dentials for authentication and authorization checks when using a pri‐
vate key or a secret key.
NOTES FOR API
The output is returned to the caller either by filling the caller-spec‐
ified buffer or by using the application's declared memory allocation
functions to allocate buffer space. To specify a specific, pre-allo‐
cated output buffer, the caller must provide an array of one or more
CSSM_DATA structures, each containing a Length field value greater than
zero and a non-NULL data pointer field value. To specify automatic out‐
put buffer allocation by the CSP, the caller must provide an array of
one or more CSSM_DATA structures, each containing a Length field value
equal to zero and a NULL data pointer field value. The application is
always responsible for deallocating the memory when it is no longer
needed. In-place decryption can be done by supplying the same input and
output buffers.
NOTES FOR SPI
The output is returned to the caller as specified in Buffer Management
for Cryptographic Services.
RETURN VALUE
A CSSM_RETURN value indicating success or specifying a particular error
condition. The value CSSM_OK indicates success. All other values repre‐
sent an error condition.
ERRORS
Errors are described in the CDSA technical standard. See
CDSA_intro(3). CSSMERR_CSP_BLOCK_SIZE_MISMATCH CSSMERR_CSP_OUT‐
PUT_LENGTH_ERROR
SEE ALSO
Books
Intel CDSA Application Developer's Guide (see CDSA_intro(3))
Reference Pages
Functions for the CSSM API:
CSSM_QuerySize(3), CSSM_EncryptData(3), CSSM_DecryptDataInit(3),
CSSM_DecryptDataUpdate(3), CSSM_DecryptDataFinal(3), CSSM_DecryptP(3),
CSSM_DecryptDataInitP(3)
Functions for the CSP SPI:
CSP_QuerySize(3), CSP_EncryptData(3), CSP_DecryptDataInit(3),
CSP_DecryptDataUpdate(3), CSP_DecryptDataFinal(3)DecryptData(3)