![]() | Cryptographic Token Interface Standard |
PKCS#11 |
Cryptoki provides the following functions for digesting data:
CK_RV C_DigestInit( CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMechanism);
C_DigestInit initializes a message-digesting operation.
hSession | is the session's handle; |
pMechanism | points to the digesting mechanism. |
CK_RV C_Digest( CK_SESSION_HANDLE hSession, CK_BYTE_PTR pData, CK_ULONG ulDataLen, CK_BYTE_PTR pDigest, CK_ULONG_PTR pulDigestLen);
C_Digest digests data in a single part.
hSession | is the session's handle, pData points to the data; |
ulDataLen | is the length of the data; |
pDigest | points to the location that receives the message digest; |
pulDigestLen | points to the location that holds the length of the message digest. |
The digest operation must have been initialized with C_DigestInit. A call to C_Digest always terminates the active digest operation unless it returns CKR_BUFFER_TOO_SMALL or is a successful call (i.e., one which returns CKR_OK) to determine the length of the buffer needed to hold the message digest.
The input data and digest output can be in the same place, i.e., it is OK if pData and pDigest point to the same location.
C_Digest is equivalent to a sequence of C_DigestUpdate operations followed by C_DigestFinal.
CK_RV C_DigestUpdate( CK_SESSION_HANDLE hSession, CK_BYTE_PTR pPart, CK_ULONG ulPartLen);
C_DigestUpdate continues a multiple-part message-digesting operation, processing another data part.
hSession | is the session's handle, pPart points to the data part; |
ulPartLen | is the length of the data part. |
CK_RV C_DigestKey( CK_SESSION_HANDLE hSession, CK_OBJECT_HANDLE hKey);
C_DigestKey continues a multiple-part message-digesting operation by digesting the value of a secret key.
hSession | is the session's handle; |
hKey | is the handle of the secret key to be digested. |
If the value of the supplied key cannot be digested purely for some reason related to its length, C_DigestKey should return the error code CKR_KEY_SIZE_RANGE.
CK_RV C_DigestFinal( CK_SESSION_HANDLE hSession, CK_BYTE_PTR pDigest, CK_ULONG_PTR pulDigestLen);
C_DigestFinal finishes a multiple-part message-digesting operation, returning the message digest.
hSession | is the session's handle; |
pDigest | points to the location that receives the message digest; |
pulDigestLen | points to the location that holds the length of the message digest. |
The digest operation must have been initialized with C_DigestInit. A call to C_DigestFinal always terminates the active digest operation unless it returns CKR_BUFFER_TOO_SMALL or is a successful call (i.e., one which returns CKR_OK) to determine the length of the buffer needed to hold the message digest.
CK_SESSION_HANDLE hSession; CK_MECHANISM mechanism = { CKM_MD5, NULL_PTR, 0 }; CK_BYTE data[] = {...}; CK_BYTE digest[16]; CK_ULONG ulDigestLen; CK_RV rv; . . . rv = C_DigestInit(hSession, &mechanism); if (rv != CKR_OK) { . . . } rv = C_DigestUpdate(hSession, data, sizeof(data)); if (rv != CKR_OK) { . . . } rv = C_DigestKey(hSession, hKey); if (rv != CKR_OK) { . . . } ulDigestLen = sizeof(digest); rv = C_DigestFinal(hSession, digest, &ulDigestLen); . . .