The handle identifying the attach-session whosecaller and callee scope is being tested by this function.
SrcAddress (input/optional)
An address to be tested for containment within theapplication that requested and created the attach-session identifiedby the module handle.
DestAddress (input/optional)
An address within a service module. The destinationaddress must be valid for the service provider associated with theattach-session identified by the module handle.
InPriv (input)
The privilege value to be checked. Privilege checksapply to both SrcAddress and DestAddress.
OutPriv (output)
If non-NULL, the global privilege will be checkedand returned in OutPriv.
Hints (input)
A flag providing search hints.
IsOK (output)
CSSM_TRUE if success, CSSM_FALSE if fail.
DESCRIPTIONThis function checks secure linkage between an applicationand a service module. Based on address scope of the applicationand the service module associated with the attach handle, CSSM determineswhether the SrcAddress is within an associatedapplication and DestAddress is within the associatedservice module. The scope of the application and the service moduleis determined by their respective signed manifest credentials, whichattest to the integrity of each entity.
This function uses the input privilege value InPriv tocompare against the privilege range associated with the ranges for SrcAddress and DestAddres.The privilege check is performed when the InPriv privilege valueis non-NULL. If the EMM wants the global privilege value to be checked, InPriv iszero and OutPriv is non-NULL. CSSM will returnthe privilege value in OutPriv. If integrityonly checks are to be performed, InPriv is zeroand OutPriv is NULL.
Another parameter called Hints is usedto help CSSM efficiently perform the integrity and privilege verificationoperations. Hints helps CSSM know where to lookto find the desired state information. In the regular case, CSSMwill look for SrcAddress in the CallerList and DestAddress inthe AttachList. For callback functions, the SrcAddress and DestAddress arelikely to be in AttachList.
RETURN VALUEA CSSM_RETURN value indicating success or specifying a particularerror condition. The value CSSM_OK indicates success. All othervalues represent an error condition. ERRORSErrors are described in the CDSA Technical Standard. SEE ALSOBooks