LINEBURG


<< . .

 6
( 9)



. . >>




OCI Functions for C 6-7
OCISecuritySign



6.7 OCISecuritySign
Purpose
OCISecuritySign creates an attached signature.

Parameter Descriptions
Following is a list of parameters, their descriptions, modes, and types.

Table 6“9 OCISecuritySign parameters
Parameter Name Description Mode Type
OCISecurity osshandle
OCIError error_handle
persona Open persona acting as signer {IN} nzttPersona
signature_state State of the signature {IN} nzttces
input_length Length of this input part {IN} sizt_t
input This input part {OUT} ub1
buffer_block TDU buffer {IN/OUT} nzttBufferBlock


Comments
This function generates a signature that consists of a cryptographic checksum of
the data to be signed: encrypted with the private key of the signing persona. The
original data is then attached to the signature.




6-8 Oracle Cryptographic Toolkit Programmer™s Guide
OCISecurityVerify




6.8 OCISecurityVerify
Purpose
OCISecurityVerify veri¬es an attached signature.

Parameter Descriptions
Following is a list of parameters, their descriptions, modes, and types.

Table 6“10 OCISecurityVerify parameters
Parameter Name Description Mode Type
OCISecurity osshandle
OCIError error_handle
persona Persona {IN} nzttPersona
signature_state State of veri¬cation {IN} nzttces
siglen TDU length {IN} size_t
signature Token Data Unit {IN} ub1
extracted_message Extracted message {IN/OUT} nzttBufferBlock
veri¬ed TRUE if signature is veri¬ed {OUT} boolean
validated TRUE if signing identity validated {OUT} boolean
signing_party_identity Identity of signing party {OUT} nzttIdentity


Comments
The data from the attached signature is used to generate a cryptographic checksum.
Then the signature part of the attached signature is decrypted using the signing
identity™s public key. The two checksums are then compared to verify they are iden-
tical. The signing identity is also validated to verify that it can be trusted and that it
has not expired.




OCI Functions for C 6-9
OCISecurityVerify



Returns
Following is a list of possible error codes returned by this function.

Table 6“11 OCISecurityVerify errors
Error Explanation
NZERROR_TK_CANTGROW Needed to grow output buffer but could not
NZERROR_TK_NOTOPEN Persona is not open
NZERROR_TK_NOTSUPP Function not supported with persona




6-10 Oracle Cryptographic Toolkit Programmer™s Guide
OCISecurityValidate




6.9 OCISecurityValidate
Purpose
OCISecurityValidate validates an identity.

Parameter Descriptions
Following is a list of parameters, their descriptions, modes, and types.

Table 6“12 OCISecurityValidate parameters
Parameter Name Description Mode Type
OCISecurity osshandle
OCIError error_handle
persona Persona {IN} nzttPersona
identity Identity {IN} nzttIdentity
validated TRUE if identity was validated {OUT} boolean


Comments
An identity is validated for trust and to verify that it has not expired.

Returns
Following is a list of possible error codes returned by this function.

Table 6“13 OCISecurityValidate errors
Error Explanation
NZERROR_TK_NOTOPEN Persona is not open
NZERROR_TK_NOTSUPP Function not supported with persona




OCI Functions for C 6-11
OCISecuritySignDetached



6.10 OCISecuritySignDetached
Purpose
OCISecuritySignDetached generates a detached signature.

Parameter Descriptions
Following is a list of parameters, their descriptions, modes, and types.

Table 6“14 OCISecuritySignDetached parameters
Parameter Name Description Mode Type
OCISecurity osshandle
OCIError error_handle
persona Persona {IN} nzttPersona
signature_state State of signature {IN} nzttces
input_length Length of this input part {IN} size_t
input This input part {IN} ub1
signature TDU buffer {IN/OUT} nzttBufferBlock


Comments
The function is identical to OCISecuritySign, but the data to be signed is not
attached to the signature. It generates a signature that consists of a cryptographic
checksum of the data to be signed, encrypted with the private key of the signing
persona.

Returns
Following is a list of possible error codes returned by this function.

Table 6“15 OCISecuritySignDetached errors
Error Explanation
NZERROR_TK_NOTSUPP Function not supported with persona




6-12 Oracle Cryptographic Toolkit Programmer™s Guide
OCISecurityVerifyDetached




6.11 OCISecurityVerifyDetached
Purpose
OCISecurityVerifyDetached veri¬es a detached signature.

Parameter Descriptions
Following is a list of parameters, their descriptions, modes, and types.

Table 6“16 OCISecurityVerifyDetached parameters
Parameter Name Description Mode Type
OCISecurity osshandle
OCIError error_handle
persona Persona {IN} nzttPersona
signature_state State of signature {IN} nzttces
data_length Length of data {IN} size_t
data Data {IN} ub1
siglen Input TDU length {IN} size_t
signature Input TDU {IN} ub1
veri¬ed TRUE if signature is veri¬ed {OUT} boolean
validated TRUE if signing identity validated {OUT} boolean
signing_party_identity Identity of signing party {OUT} nzttIdentity


Comments
This function is identical to OCISecurityVerify, except the signature does not con-
tain the data that will allow it to be veri¬ed. The data is provided by the applica-
tion calling the function.




OCI Functions for C 6-13
OCISecurityVerifyDetached



Returns
Following is a list of possible error codes returned by this function.

Table 6“17 OCISecurityVerifyDetached errors
Error Explanation
NZERROR_TK_NOTOPEN Persona is not open
NZERROR_TK_NOTSUPP Function not supported with persona




6-14 Oracle Cryptographic Toolkit Programmer™s Guide
OCISecurityHash




6.12 OCISecurityHash
Purpose
OCISecurityHash generates a hash.

Parameter Descriptions
Following is a list of parameters, their descriptions, modes, and types.

Table 6“18 OCISecurityHash parameters
Parameter Name Description Mode Type
OCISecurity osshandle
OCIError error_handle
persona Persona {IN} nzttPersona
hash_state State of hash {IN} nzttces
input Length of this input {IN} size_t
input_length This input {IN} ub1
hash Output TDU {IN/OUT} nzttBufferBlock


Comments
This hash is a cryptographic hash, or checksum, of the input.

Returns
Following is a list of some of the possible error codes returned by this function.

Table 6“19 OCISecurityHash errors
Error Explanation
NZERROR_TK_NOTSUPP Function not supported with persona




OCI Functions for C 6-15
OCISecuritySeedRandom



6.13 OCISecuritySeedRandom
Purpose
OCISecuritySeedRandom supplies a seed to the Oracle Cryptographic Toolkit.

Parameter Descriptions
Following is a list of parameters, their descriptions, modes, and types.

Table 6“20 OCISecuritySeedRandom parameters
Parameter Name Description Mode Type
OCISecurity osshandle
OCIError error_handle
persona nzttPersona
seed_length size_t
seed ub1




6-16 Oracle Cryptographic Toolkit Programmer™s Guide
OCISecurityRandomBytes




6.14 OCISecurityRandomBytes
Purpose
OCISecurityRandomBytes generates a buffer block for random bytes.

Parameter Descriptions
Following is a list of parameters, their descriptions, modes, and types.

Table 6“21 OCISecurityRandomBytes parameters
Parameter Name Description Mode Type
OCISecurity osshandle
OCIError error_handle
persona Persona {IN} nzttPersona
number_of_bytes_desired Number of bytes desired {IN} size_t
random_bytes Buffer block for bytes {IN/OUT} nzttBufferBlock




OCI Functions for C 6-17
OCISecurityRandomNumber



6.15 OCISecurityRandomNumber
Purpose
OCISecurityRandomNumber generates a random number.

Parameter Descriptions
Following is a list of parameters, their descriptions, modes, and types.

Table 6“22 OCISecurityRandomNumber parameters
Parameter Name Description Mode Type
OCISecurity osshandle
OCIError error_handle
persona Persona {IN} nzttPersona
random_number_ptr Number {OUT} uword




6-18 Oracle Cryptographic Toolkit Programmer™s Guide
OCISecurityInitBlock




6.16 OCISecurityInitBlock
Purpose
OCISecurityInitBlock initializes a buffer block.

Parameter Descriptions
Following is a list of parameters, their descriptions, modes, and types.

Table 6“23 OCISecurityInitBlock parameters
Parameter Name Description Mode Type
OCISecurity osshandle
OCIError error_handle
buffer_block Buffer block {IN/OUT} nzttBufferBlock


Comments
The buffer block is initialized to be empty (all members are set to zero/NULL).
This block is allocated to memory as needed.




OCI Functions for C 6-19
OCISecurityReuseBlock



6.17 OCISecurityReuseBlock
Purpose
OCISecurityReuseBlock reuses a previously initialized, and possibly used, block.

Parameter Descriptions
Following is a list of parameters, their descriptions, modes, and types.

Table 6“24 OCISecurityReuseBlock parameters
Parameter Name Description Mode Type
OCISecurity osshandle
OCIError error_handle
buffer_block Buffer block {IN/OUT} nzttBufferBlock


Comments
This function sets the used length member of the buffer block to zero (0). It will
cause a block to be reused if it already has memory allocated to it.




6-20 Oracle Cryptographic Toolkit Programmer™s Guide
OCISecurityPurgeBlock




6.18 OCISecurityPurgeBlock
Purpose
OCISecurityPurgeBlock purges a buffer block of its memory.

Parameter Descriptions
Following is a list of parameters, their descriptions, modes, and types.

Table 6“25 OCISecurityPurgeBlock parameters
Parameter Name Description Mode Type
OCISecurity osshandle
OCIError error_handle
buffer_block Buffer block {IN/OUT} nzttBufferBlock


Comments
This command affects only the memory used by the buffer. It does not affect the
block itself.



<< . .

 6
( 9)



. . >>

Copyright Design by: Sunlight webdesign