skip book previous and next navigation links
go up to top of book: HP Open Source Security for OpenVMS Volume 1:... HP Open Source Security for OpenVMS Volume 1:...
go to beginning of reference: API FunctionsAPI Functions
go to previous page: CSSM_InitCSSM_Init
go to next page: cssm_IsFuncCallValidcssm_IsFuncCallValid
end of book navigation links


CSSM_Introduce
Library
Description
Errors
 Parameters
Return Value
See Also

NAME

CSSM_Introduce - Identify an executable module (CDSA)

SYNOPSIS  

# include <cssm.h>

CSSM_RETURN CSSMAPI CSSM_Introduce(const CSSM_GUID *ModuleID,CSSM_KEY_HIERARCHY KeyHierarchy)

return to top LIBRARY  

Common Security Services Manager library (cdsa$incssm300_shr.exe)

return to top PARAMETERS  

ModuleID (input)
 The CSSM_GUID of the calling library or other librarythat might call CDSA interfaces. The GUID is used to locate thesigned manifest credentials of the named module to calculate moduleintegrity information.
KeyHierarchy (input)
 The CSSM_KEY_HIERARCHY option directing CSSM whatembedded key to use when verifying integrity of the named module.

return to top DESCRIPTION  

The CSSM_Introduce() function identifies a dynamically loadable executablemodule (for example, DLL) to the CSSM framework. CSSM uses the ModuleID informationto locate the signed manifest and library on the host platform.The Module Directory Service (MDS) should be used to obtain theinformation. CSSM performs an integrity cross-check on the moduleidentified by ModuleID and caches the resultin an internal structure. The integrity cross-check uses the KeyHierarchy informationto determine which classes of embedded public keys must serve asanchors when doing certificate path validation. If the export keyhierarchy is specified, the set of export privileges contained inthe manifest are retrieved from the manifest and saved with theintegrity state information in the cache. Privileges granted toa module are accepted only if the manifest sections containing theprivilege set have been signed by a principal in the export keyhierarchy class and that hash of the module binary is part of thehash of the privilege attributes.

The CSSM_Introduce() can be called at any time after CSSM_Init(), by any module, on behalf of any module.

Once a module is introduced into CSSM the load location ofthe module must not change. If the load location changes then themodule must be reintroduced. Once introduced, the module load location,integrity, and privilege information is held until CSSM_Terminate() is called or the process terminates. Initializationof internal data structures maintaining the table of introductionsis performed when CSSM_Init() is called.

If CSSM_Introduce() is called on behalf of another module, then the callerneeds to make sure that the other module is loaded into the processaddress space. If the library is already loaded into process addressspace, but a reference to the library cannot be obtained, a differenterror is returned (CSSMERR_CSSM_LIB_REF_NOT_FOUND).

return to top RETURN VALUE  

A CSSM_RETURN value indicating success or specifying a particularerror condition. The value CSSM_OK indicates success. All othervalues represent an error condition.

return to top ERRORS  

Errors are described in the CDSA Technical Standard. 
CSSMERR_CSSM_INVALID_KEY_HIERARCHYCSSMERR_CSSM_LIB_REF_NOT_FOUND

return to top SEE ALSO  

Intel CDSA Application Developer's Guide
go to previous page: CSSM_InitCSSM_Init
go to next page: cssm_IsFuncCallValidcssm_IsFuncCallValid