|
|
DL_Authenticate(3)
Contents |
DL_Authenticate, CSSM_DL_Authenticate - Provide authentication
credentials (CDSA)
# include <cdsa/cssm.h>
API: CSSM_RETURN CSSMAPI CSSM_DL_Authenticate
(CSSM_DL_DB_HANDLE DLDBHandle, CSSM_DB_ACCESS_TYPE AccessRequest,
const CSSM_ACCESS_CREDENTIALS *AccessCred) SPI:
CSSM_RETURN CSSMDLI DL_Authenticate (CSSM_DL_DB_HANDLE
DLDBHandle, CSSM_DB_ACCESS_TYPE AccessRequest, const
CSSM_ACCESS_CREDENTIALS *AccessCred)
Common Security Services Manager library (libcssm.so)
The handle pair that describes the add-in data storage
library module used to perform this function and the data
store to which access is being requested. If the form of
authentication being requested is authentication to the DL
module in general, then the data store handle must be
NULL. An indicator of the requested access mode for the
data store or DL module in general. A pointer to the set
of one or more credentials being presented for authentication
by the caller. The credentials can apply to the DL
module in general or to a particular data store managed by
this service module. The credentials required for creating
new data stores is defined by the DL and recorded in a
record in the MDS Primary DL relation. The required set of
credentials to access a particular data store is defined
by the DbInfo record containing meta-data for the specified
data store.
The credentials structure can contain multiple
types of credentials, as required for multi-factor
authentication. The credential data can be an immediate
value, such as a passphrase, PIN, certificate,
or template of user-specific data, or the
caller can specify a callback function the DL can
use to obtain one or more credentials.
This function allows the caller to provide authentication
credentials to the DL module at a time other than data
store creation, deletion, open, import, and export.
AccessRequest defines the type of access to be associated
with the caller. If the authentication credential applies
to access and use of a DL module in general, then the data
store handle specified in the DLDBHandle must be NULL.
When the authorization credential is to apply to a specific
data store, the handle for that data store must be
specified in the DLDBHandle pair.
A CSSM_RETURN value indicating success or specifying a
particular error condition. The value CSSM_OK indicates
success. All other values represent an error condition.
Errors are described in the CDSA technical standard. See
CDSA_intro(3). CSSMERR_DL_INVALID_ACCESS_REQUEST CSSMERR_DL_INVALID_DB_HANDLE
Books
Intel CDSA Application Developer's Guide (see
CDSA_intro(3))
Reference Pages [Toc] [Back]
DL_Authenticate(3)
[ Back ] | 