The handle pair that describes the add-in data storagelibrary module used to perform this function and the data storeto which access is being requested. If the form of authentication beingrequested is authentication to the DL module in general, then thedata store handle must be NULL.
AccessRequest (input)
An indicator of the requested access mode for thedata store or DL module in general.
AccessCred (input)
A pointer to the set of one or more credentialsbeing presented for authentication by the caller. The credentialscan apply to the DL module in general or to a particular data store managedby this service module. The credentials required for creating newdata stores is defined by the DL and recorded in a record in theMDS Primary DL relation. The required set of credentials to accessa particular data store is defined by the DbInfo recordcontaining meta-data for the specified data store.
The credentials structure can contain multiple types of credentials,as required for multi-factor authentication. The credential datacan be an immediate value, such as a passphrase, PIN, certificate,or template of user-specific data, or the caller can specify a callbackfunction the DL can use to obtain one or more credentials.
DESCRIPTIONThis function allows the caller to provide authenticationcredentials to the DL module at a time other than data store creation,deletion, open, import, and export. AccessRequest defines the typeof access to be associated with the caller. If the authenticationcredential applies to access and use of a DL module in general,then the data store handle specified in the DLDBHandle mustbe NULL. When the authorization credential is to apply to a specificdata store, the handle for that data store must be specified inthe DLDBHandle pair. RETURN VALUEA CSSM_RETURN value indicating success or specifying a particularerror condition. The value CSSM_OK indicates success. All othervalues represent an error condition. ERRORSErrors are described in the CDSA Technical Standard.