RSA BSAFE Cert-C
API Reference

PKI_POP_GEN_INFO Union Reference

Contains information for generating a Proof-of-Possession (POP) for a signature, key-agreement, or encryption private key.

The popType field value of the C_SetPKICertReqPOPType() function determines which union member is valid. Use PKI_POP_GEN_INFO with the C_GeneratePKIProofOfPossession() function.

Parameters:

method

An int value that indicates the mechanism for generating a Proof-of- Possession for the private key. This member of the union is used when the certification request POP- type is PKI_POP_ENCRYPTION or PKI_POP_KEY_AGREE. For more information on POP-types, see PKI_CERTREQ_FIELDS on page .

POP Method Type	Description
`PKI_POP_METHOD_ENCRYPT_KEY`	The private key will be transmitted in the certification request, encrypted for the recipient.
`PKI_POP_METHOD_DH_MAC`	The private key should be a Diffie- Hellman key- agreement key and a specific DH-MAC algorithm that will be used to prove possession of that key.
`PKI_POP_METHOD_ENCRYPT_CERT`	The certificate will be encrypted using the public key in the certification request - only the possessor of the corresponding private key can decrypt the certificate.
`PKI_POP_METHOD_CHALLENGE`	The sender and the receiver will exchange a sequence of messages to prove the sender's ability to decrypt a message encrypted with the public key to be certified.

sign A PKI_POP_GEN_SIGNATURE_INFO structure that can be used when the certification request POP-type is PKI_POP_SIGNATURE. (Some PKI service providers may choose not to use this field for generating a Proof-of-Possession for signature keys. Instead, they might use data from the certificate template in the certification request.)

#include <pkimsg.h>

01395 typedef union {
01396   int                        method; /* one of PKI_POP_METHOD_* */
01397   PKI_POP_GEN_SIGNATURE_INFO sign;
01398 } PKI_POP_GEN_INFO;

The documentation for this union was generated from the following file:

pkimsg.h

RSA BSAFE^® Cert-C 2.7 API Reference