ModuleManagerAuthenticate
CSSM_RETURN CSSMAPI ModuleManagerAuthenticate
(const char *CssmCredentialPath,
const char *CssmSection,
const char *AppFileName,
const char *AppPathName)
This function should perform the elective module manager's half of the bilateral authentication procedure with CSSM. The CSSM credential path and section information is used to locate the CSSM's credentials to be verified. The credentials are a zipped, signed manifest.If the application filename and pathname are provided, the elective module manager has the option to perform an integrity and identity check of the attaching application. The filename and pathname can be used to locate the application's signed credentials.
This function is the first module manager interface invoked by CSSM after loading and invoking the main entry point. In particular, the elective module manager's initialize function is invoked by CSSM after this function has successfully completed execution.
- CssmCredentialPath (input)
A string containing the path name for locating the calling CSSM's credentials. These credentials are a zipped, signed manifest. The service module should verify these credentials as part of the bilateral authentication process.
- CssmSection (input)
A string containing the section name for the manifest section containing a description and cryptographic digest of the calling CSSM's object code.
- AppFileName (input/optional)
The name of the file that implements the application (containing its main entry point). This file name can be used to locate the application's credentials for purposes of application authentication by the elective module manager. The application provides this input to CSSM if the application has credentials it wishes to present for verification to CSSM or to other components in the system.
- AppPathName (input/optional)
The pathname to the file that implements the application (containing its main entry point). This pathname can be used to locate the application's credentials for purposes of application authentication by the elective module manager. The application provides this input to CSSM if the application has credentials it wishes to present for verification to CSSM or to other components in the system.
A CSSM return value. This function returns CSSM_OK if successful, and returns an error code if an error has occurred.
Contents | Next section | Index |