HP Open Source Security for OpenVMS Volume 1: Common Data Security Architecture > CDSA API Functions

VerifyData

 » Table of Contents

 » Glossary

 » Index

NAME

CSSM_VerifyData, CSP_VerifyData — Verify input buffer data (CDSA)

SYNOPSIS

# include <cssm.h>
API:
CSSM_RETURN CSSMAPI CSSM_VerifyData
(CSSM_CC_HANDLE CCHandle,
const CSSM_DATA *DataBufs,
uint32 DataBufCount,
CSSM_ALGORITHMS DigestAlgorithm,
const CSSM_DATA *Signature)
SPI:
CSSM_RETURN CSSMCSPI CSP_VerifyData
(CSSM_CSP_HANDLE CSPHandle,
CSSM_CC_HANDLE CCHandle,
const CSSM_CONTEXT *Context,
const CSSM_DATA *DataBufs,
uint32 DataBufCount,
CSSM_ALGORITHMS DigestAlgorithm,
const CSSM_DATA *Signature)

LIBRARY

Common Security Services Manager library (cdsa$incssm300_shr.exe)

API PARAMETERS

CCHandle (input) 

The handle that describes the context of this cryptographic operation used to link to the CSP-managed information.

DataBufs (input) 

A pointer to a vector of CSSM_DATA structures that contain the data to be operated on.

DataBufCount (input)
  

The number of DataBufs to be verified.

DigestAlgorithm (input)
  

If verifying just a digest, specifies the type of digest. In this case, the context should only specify the encryption algorithm. If not verifying just a digest, it must be CSSM_ALGID_NONE. In this case, the context should specify the combination digest/encryption algorithm.

Signature (input)
  

A pointer to a CSSM_DATA structure which contains the signature and the size of the signature.

SPI PARAMETERS

CSPHandle (input)
  

The handle that describes the add-in Cryptographic Service Provider module used to perform up calls to CSSM for the memory functions managed by CSSM.

Context (input) 

Pointer to CSSM_CONTEXT structure that describes the attributes with this context.

DESCRIPTION

This function verifies all data contained in the set of input buffers based on the input signature.

Verifying can include digesting the data and decrypting the digest (from the signature) or verifying just the digest (already calculated by the application). If digesting the data and decrypting the digest, then the context should specify both digest and decryption algorithms (for example, CSSM_ALGID_MD5WithRSA). In this case, the DigestAlgorithm parameter must be set to CSSM_ALGID_NONE. If signing just the digest, then the context should specify just the decryption algorithm and the DigestAlgorithm parameter should specify the type of digest (for example, CSSM_ALGID_MD5). Also, DataBufCount must be 1.

If the signing algorithm is not reversible or strictly limits the size of the signed data, then the algorithm can specify verification without digesting. In this case, the verify operation is performed on the input data and the size of the input data is restricted by the service provider.

RETURN VALUE

A CSSM_RETURN value indicating success or specifying a particular error condition. The value CSSM_OK indicates success. All other values represent an error condition.

ERRORS

Errors are described in the CDSA Technical Standard.

CSSMERR_CSP_INPUT_LENGTH_ERROR
CSSMERR_CSP_VERIFY_FAILED
CSSMERR_CSP_INVALID_SIGNATURE
CSSMERR_CSP_INVALID_DIGEST_ALGORITHM

SEE ALSO

Books

Intel CDSA Application Developer's Guide

Online Help

Functions for the CSSM API:

CSSM_SignData, CSSM_VerifyDataInit, CSSM_VerifyDataUpdate, CSSM_VerifyDataFinal

Functions for the CSP SPI:

CSP_SignData, CSP_VerifyDataInit, CSP_VerifyDataUpdate, CSP_VerifyDataFinal