|
|
TP_CertGroupToTupleGroup(3)
Contents |
TP_CertGroupToTupleGroup, CSSM_TP_CertGroupToTupleGroup -
Create a set of authorization tuples (CDSA)
# include <cdsa/cssm.h>
API: CSSM_RETURN CSSMAPI CSSM_TP_CertGroupToTupleGroup
(CSSM_TP_HANDLE TPHandle, CSSM_CL_HANDLE CLHandle, const
CSSM_CERTGROUP *CertGroup, CSSM_TUPLEGROUP_PTR *TupleGroup)
SPI: CSSM_RETURN CSSMTPI TP_CertGroupToTupleGroup
(CSSM_TP_HANDLE TPHandle, CSSM_CL_HANDLE CLHandle, const
CSSM_CERTGROUP *CertGroup, CSSM_TUPLEGROUP_PTR *TupleGroup)
Common Security Services Manager library (libcssm.so)
The handle that describes the trust policy service module
used to perform this function. The handle that describes
the certificate library module that can be used to scan
the certificate fields for values. If no certificate
library module is specified, the TP module uses an assumed
CL module. A group of certificates in the native certificate
format supported by the Trust Policy module. The certificates
carry authorizations for one or more certificate
subjects. A pointer to a structure containing references
to one or more tuples resulting from the translation process.
Storage for structure and the tuples is allocated by
the service provider and must be deallocated by the application.
This function creates a set of authorization tuples based
on a set of input certificates. The certificates must be
of the type managed by the Trust Policy module. The trust
policy module may require that the input certificates be
successfully verified before being translated to tuples.
It is assumed that the certificates carry authorizations.
The trust policy service provider interprets the certificate
authorization fields and generates one or more tuples
corresponding to those authorizations. The certificates of
the type managed by the Trust Policy module. The resulting
tuples can be input to an authorization evaluation function,
such as CSSM_AC_AuthCompute() (CSSM API), or
AC_AuthCompute() (AC SPI), which determines whether a particular
action is authorized under a basic set of authorization
assumptions.
A CSSM_RETURN value indicating success or specifying a
particular error condition. The value CSSM_OK indicates
success. All other values represent an error condition.
Errors are described in the CDSA technical standard. See
CDSA_intro(3). CSSMERR_TP_INVALID_CL_HANDLE CSSMERR_TP_INVALID_CERTGROUP_POINTER
CSSMERR_TP_INVALID_CERTGROUP
Books
Intel CDSA Application Developer's Guide (see
CDSA_intro(3))
Reference Pages [Toc] [Back]
Functions for the CSSM API:
CSSM_TP_TupleGroupToCertGroup(3), CSSM_AC_AuthCompute(3)
Functions for the TP SPI:
TP_TupleGroupToCertGroup(3), AC_AuthCompute(3)
TP_CertGroupToTupleGroup(3)
[ Back ] | 