skip book previous and next navigation links
go up to top of book: HP Open Source Security for OpenVMS Volume 1:... HP Open Source Security for OpenVMS Volume 1:...
go to beginning of reference: API FunctionsAPI Functions
go to previous page: CSSM_IntroduceCSSM_Introduce
go to next page: CSSM_ListAttachedModuleManagersCSSM_ListAttachedModuleManagers
end of book navigation links


cssm_IsFuncCallValid
Library
Description
Errors
 Parameters
Return Value
See Also

NAME

cssm_IsFuncCallValid - Check secure linkage (CDSA)

SYNOPSIS  

# include <cssm.h>

CSSM_RETURN CSSMAPI cssm_IsFuncCallValid(CSSM_MODULE_HANDLE hAddin,CSSM_PROC_ADDR SrcAddress, /* application */,CSSM_PROC_ADDR DestAddress,CSSM_PRIVILEGE InPriv,CSSM_PRIVILEGE *OutPriv,CSSM_BITMASK Hints,CSSM_BOOL * IsOK)

return to top LIBRARY  

Common Security Services Manager library (cdsa$incssm300_shr.exe)

return to top PARAMETERS  

hAddIn (input)
 The handle identifying the attach-session whosecaller and callee scope is being tested by this function.
SrcAddress (input/optional)
 An address to be tested for containment within theapplication that requested and created the attach-session identifiedby the module handle.
DestAddress (input/optional)
 An address within a service module. The destinationaddress must be valid for the service provider associated with theattach-session identified by the module handle.
InPriv (input)
 The privilege value to be checked. Privilege checksapply to both SrcAddress and DestAddress.
OutPriv (output)
 If non-NULL, the global privilege will be checkedand returned in OutPriv.
Hints (input)
 A flag providing search hints.
IsOK (output)
 CSSM_TRUE if success, CSSM_FALSE if fail.

return to top DESCRIPTION  

This function checks secure linkage between an applicationand a service module. Based on address scope of the applicationand the service module associated with the attach handle, CSSM determineswhether the SrcAddress is within an associatedapplication and DestAddress is within the associatedservice module. The scope of the application and the service moduleis determined by their respective signed manifest credentials, whichattest to the integrity of each entity.

This function uses the input privilege value InPriv tocompare against the privilege range associated with the ranges for SrcAddress and DestAddres.The privilege check is performed when the InPriv privilege valueis non-NULL. If the EMM wants the global privilege value to be checked, InPriv iszero and OutPriv is non-NULL. CSSM will returnthe privilege value in OutPriv. If integrityonly checks are to be performed, InPriv is zeroand OutPriv is NULL.

Another parameter called Hints is usedto help CSSM efficiently perform the integrity and privilege verificationoperations. Hints helps CSSM know where to lookto find the desired state information. In the regular case, CSSMwill look for SrcAddress in the CallerList and DestAddress inthe AttachList. For callback functions, the SrcAddress and DestAddress arelikely to be in AttachList.

return to top RETURN VALUE  

A CSSM_RETURN value indicating success or specifying a particularerror condition. The value CSSM_OK indicates success. All othervalues represent an error condition.

return to top ERRORS  

Errors are described in the CDSA Technical Standard.

return to top SEE ALSO  

Books

Intel CDSA Application Developer's Guide

go to previous page: CSSM_IntroduceCSSM_Introduce
go to next page: CSSM_ListAttachedModuleManagersCSSM_ListAttachedModuleManagers