The CCRYFIN macro covers the following functions
terminating a multiple-part encryption operation
terminating a multiple-part decryption operation
terminating a multiple-part message-digesting operation
terminating a multiple-part signature operation with return of signature
terminating a multiple-part verification operation with the verification of the signature
All functions are performed asynchronously if asynchronous function execution was specified for the task with C_Initialize.
A detailed description of the functions of the CCRYFIN macro can be found in PKCS#11 V2.20: Cryptographic Token Interface Standard in the sections 11.8 through 11.12 under “C_EncryptFinal”, “C_DecryptFinal”, “C_DigestFinal”, “C_SignFinal” and “C_VerifyFinal”.
Macro | Operands |
CCRYFIN | MF=C / D / L / M / E ,VERSION=001 / 002 ,ACTION=ENCRYPTFINAL / *DECRYPTFINAL / *DIGESTFINAL / *SIGNFINAL / *VERIFYFINAL / <var: enum-of _action_set: 1> / default: _action_set.undefined ,SESSION=<var: int:4> / <integer 0 .. 2147483647> / 0 ,DATA=<var: pointer> / NULL ,LEN=<var: int:4> / <integer 0 .. 2147483647> / 0 ,BOID=<var: int:4> / 0 ,RPOSTAD=<var: pointer> / NULL ,RPOSTL=<integer 1..2> / <var: int:4> / 0<integer 1..2> / <var: int:4> / 0 |
VERSION
specifies which version of the parameter area is to be generated. It is always advisable to use the latest version.
=001
This generates the format that was supported by CRYPT V1.0. This format only supports the parameters already known in CRYPT V1.0.
VERSION=001 is the default.
=002
This generates the format that is supported as of CRYPT V1.1.
ACTION
Type of action.
The corresponding PKCS#11 function is specified for each action code.
=*ENCRYPTFINAL
corresponds to the PKCS#11 function C_EncryptFinal;
terminates a multiple-part encryption operation.
=*DECRYPTFINAL
corresponds to the PKCS#11 function C_DecryptFinal;
terminates a multiple-part decryption operation.
=*DIGESTFINAL
corresponds to the PKCS#11 function C_DigestFinal;
terminates a multiple-part message-digesting operation.
=*SIGNFINAL
corresponds to the PKCS#11 function C_SignFinal;
terminates a multiple-part signature operation with return of signature
=*VERIFYFINAL
corresponds to the PKCS#11 function C_VerifyFinal;
terminates a multiple-part verification operation with the verification of the signature.
SESSION
Session identifier
DATA
points to data
*ENCRYPTFINAL, *DECRYPTFINAL, *DIGESTFINAL, *SIGNFINAL: DATA points to the output data.
*VERIFYFINAL: DATA points to the signature.
LEN
Length of the data in bytes
*ENCRYPTFINAL, *DECRYPTFINAL, *DIGESTFINAL, *SIGNFINAL: Length of the output data in bytes
*VERIFYFINAL: Length of the signature in bytes
BOID
Event identification
in the case of synchronous execution: BOID is not used.
In the case of asynchronous execution: Event identification to which the end of function processing is signalled.
RPOSTAD
Postcode address
in the case of synchronous execution: RPOSTAD is not used.
in the case of asynchronous execution: specifies a field containing postcode information which is to be transferred to the corresponding program that issues the SOLSIG call (see also “Executive Macros” user guide [3]).
Length of postcode: 4 or 8 bytes
RPOSTL
Postcode length
in the case of synchronous execution: RPOSTL is not used.
in the case of asynchronous execution: specifies the length of the postcode information in words (1 or 2).