skip book previous and next navigation links
go up to top of book: HP Open Source Security for OpenVMS Volume 1:... HP Open Source Security for OpenVMS Volume 1:...
go to beginning of reference: API Functions API Functions
go to previous page: CSSM_GetContextAttribute CSSM_GetContextAttribute
go to next page: CSSM_GetKeyOwnerCSSM_GetKeyOwner
end of book navigation links


CSSM_GetKeyAcl
Library
Description
Errors
 Parameters
Return Value
See Also

NAME

CSSM_GetKeyAcl - Get ACL entries by key (CDSA)

SYNOPSIS  

# include <cssm.h>

CSSM_RETURN CSSMAPI CSSM_GetKeyAcl
(CSSM_CSP_HANDLE CSPHandle,
const CSSM_KEY *Key,
const CSSM_STRING *SelectionTag,
uint32 *NumberOfAclInfos,
CSSM_ACL_ENTRY_INFO_PTR *AclInfos)

return to top LIBRARY  

Common Security Services Manager library (cdsa$incssm300_shr.exe)

return to top PARAMETERS  

CSPHandle (input)
 The module handle that identifies the Cryptographic Service Provider to perform this operation.
Key (input) A pointer to the target key whose associated ACL entries are scanned and returned.
SelectionTag (input/optional)
 A CSSM_STRING value matching the user-defined tag value associated with one or more ACL entries for the target Key. To retrieve a description of all ACL entries for the target Key, this parameter must be NULL.
NumberOfAclInfos (output)
 The number of entries in the AclInfos array. If no ACL entry descriptions are returned, this value is zero.
AclInfos (output)
 An array of CSSM_ACL_ENTRY_INFO structures. The unique handle contained in this structure can be used during the current attach session to reference specific ACL entries for editing. The structure is allocated by the service provider and must be released by the caller when the structure is no longer needed. If no ACL entry descriptions are returned, this value is NULL.

return to top DESCRIPTION  

This function returns a description of zero or more ACL entries managed by the CSP and associated with the target key. The optional input SelectionTag restricts the returned descriptions to those ACL entries with a matching EntryTag value. If a SelectionTag value is specified and no matches are found, zero descriptions are returned. If no SelectionTag is specified, a description of all ACL entries associated with the key is returned by this function.

Each AclInfo structure contains:

The public ACL entry information returned by this function includes:
Subject
type and value
 A CSSM_LIST structure containing one element identifying the type of subject stored in the ACL entry.
Delegation flag
 A CSSM_BOOL value indicating whether the subject can delegate the permissions recorded in the authorization array.
Authorization array
 A CSSM_AUTHORIZATIONGROUP structure defining the set of operations for which permission is granted to the subject.
Validity period
 A CSSM_ACL_VALIDITY_PERIOD structure containing two elements, the start time and the stop time for which the ACL entry is valid.
ACL entry tag
 A CSSM_STRING containing a user-defined value associated with the ACL entry.

return to top RETURN VALUE  

A CSSM_RETURN value indicating success or specifying a particular error condition. The value CSSM_OK indicates success. All other values represent an error condition.

return to top ERRORS  

Errors are described in the CDSA Technical Standard.

None specific to this call.

return to top SEE ALSO  

Books

Intel CDSA Application Developer's Guide

Online Help

Functions: CSSM_ChangeKeyAcl

go to previous page: CSSM_GetContextAttribute CSSM_GetContextAttribute
go to next page: CSSM_GetKeyOwnerCSSM_GetKeyOwner