Museum

Home

Lab Overview

Retrotechnology Articles

Online Manuals

⇒ pkc_plcy_retrieve_keyinfo(3sec) — DCE 3.1

Media Vault

Software Library

Restoration Projects

Artifacts Sought

pkc_plcy_retrieve_keyinfo(3sec)  —  Subroutines

NAME

pkc_plcy_retrieve_keyinfo — Retrieves keys for specified principal

Synopsis

unsigned32 pkc_plcy_retrieve_keyinfo(
gss_OID policy,
const void ∗ trust_base_handle,
const x500name & subjectName,
const utc_t ∗ date,
const uuid_t & desired_domain,
pkc_key_usage_t & desired_usage,
char initial_explicit_policy_required,
void ∗∗ keys_handle);

Parameters

Input

policySpecifies the policy being interrogated. 

trust_base_handle
Expresses the caller’s initial trust.

subjectName
Specifies the desired subject name (principal name).

dateSpecifies time for which information is to be returned. 

desired_domain
Specifies particular domain to which the key-search operation should be restricted. Specify sec_pk_domain_unspecified or NULL to indicate that keys for any domain should be retrieved. 

desired_usage
Allows the user to restrict the key-search operation to keys intended for one or more specific usages.

initial_explicit_policy_required
Specifies whether the initial certificate must explicitly contain the active policy in its policies field.

Output

keys_handle
The returned key information.

Description

pkc_plcy_retrieve_keyinfo(3sec) searches the list of registered policies for implementations of the specified policy. If found, the implementation is opened, if necessary, and its (retrieve_key_info)() function is invoked. Necessary mutex protection around non-thread safe policy implementations is provided. 

The desired_usage parameter consists of a bit mask, formed by AND-ing together one or more of the constants:

PKC_KEY_USAGE_AUTHENTICATION
Specifies keys that can be used to authenticate a user

PKC_KEY_USAGE_INTEGRITY
Specifies keys that can be used to provide integrity protection

PKC_KEY_USAGE_KEY_ENCIPHERMENT
Specifies keys that can be used to encrypt user keys

PKC_KEY_USAGE_DATA_ENCIPHERMENT
Specifies keys that can be used to encrypt user data

PKC_KEY_USAGE_KEY_AGREEMENT
Specifies keys that can be used for key-exchange

PKC_KEY_USAGE_NONREPUDIATION
Specifies keys that can be used for non-repudiation

PKC_CAKEY_USAGE_KEY_CERT_SIGN
Specifies keys that can be used to sign key certificates

PKC_CAKEY_USAGE_OFFLINE_CRL_SIGN
Specifies keys that can be used to sign CRLs

PKC_CAKEY_USAGE_TRANSACTION_SIGN
Specifies keys that can be used to sign transactions

A NULL can be specified for desired_usage to indicate that keys for any usage should be retrieved. 

Return Values

pkc_s_success
Operation successfully completed.

Errors

Refer to the OSF DCE Problem Determination Guide for complete descriptions of all error messages. 

Related Information

Functions: pkc_plcy_intro(3sec), pkc_plcy_delete_keyinfo(3sec), pkc_plcy_delete_trustbase(3sec), pkc_plcy_establish_trustbase(3sec), pkc_plcy_get_key_certifier_count(3sec), pkc_plcy_get_key_certifier_info(3sec), pkc_plcy_get_key_count(3sec), pkc_plcy_get_key_data(3sec), pkc_plcy_get_key_trust(3sec), pkc_plcy_get_registered_policies(3sec), pkc_plcy_lookup_policy(3sec), pkc_plcy_retrieve_key(3sec), pkc_register_policy(3sec). 

Typewritten Software • bear@typewritten.org • Edmonds, WA 98026