skip book previous and next navigation links
go up to top of book: HP Open Source Security for OpenVMS Volume 1:... HP Open Source Security for OpenVMS Volume 1:...
go to beginning of reference: API Functions API Functions
go to previous page: CSSM_Introduce CSSM_Introduce
go to next page: CSSM_ListAttachedModuleManagersCSSM_ListAttachedModuleManagers
end of book navigation links


cssm_IsFuncCallValid
Library
Description
Errors
 Parameters
Return Value
See Also

NAME

cssm_IsFuncCallValid - Check secure linkage (CDSA)

SYNOPSIS  

# include <cssm.h>

CSSM_RETURN CSSMAPI cssm_IsFuncCallValid
(CSSM_MODULE_HANDLE hAddin,
CSSM_PROC_ADDR SrcAddress, /* application */,
CSSM_PROC_ADDR DestAddress,
CSSM_PRIVILEGE InPriv,
CSSM_PRIVILEGE *OutPriv,
CSSM_BITMASK Hints,
CSSM_BOOL * IsOK)

return to top LIBRARY  

Common Security Services Manager library (cdsa$incssm300_shr.exe)

return to top PARAMETERS  

hAddIn (input)
 The handle identifying the attach-session whose caller and callee scope is being tested by this function.
SrcAddress (input/optional)
 An address to be tested for containment within the application that requested and created the attach-session identified by the module handle.
DestAddress (input/optional)
 An address within a service module. The destination address must be valid for the service provider associated with the attach-session identified by the module handle.
InPriv (input)
 The privilege value to be checked. Privilege checks apply to both SrcAddress and DestAddress.
OutPriv (output)
 If non-NULL, the global privilege will be checked and returned in OutPriv.
Hints (input)
 A flag providing search hints.
IsOK (output)
 CSSM_TRUE if success, CSSM_FALSE if fail.

return to top DESCRIPTION  

This function checks secure linkage between an application and a service module. Based on address scope of the application and the service module associated with the attach handle, CSSM determines whether the SrcAddress is within an associated application and DestAddress is within the associated service module. The scope of the application and the service module is determined by their respective signed manifest credentials, which attest to the integrity of each entity.

This function uses the input privilege value InPriv to compare against the privilege range associated with the ranges for SrcAddress and DestAddres. The privilege check is performed when the InPriv privilege value is non-NULL. If the EMM wants the global privilege value to be checked, InPriv is zero and OutPriv is non-NULL. CSSM will return the privilege value in OutPriv. If integrity only checks are to be performed, InPriv is zero and OutPriv is NULL.

Another parameter called Hints is used to help CSSM efficiently perform the integrity and privilege verification operations. Hints helps CSSM know where to look to find the desired state information. In the regular case, CSSM will look for SrcAddress in the CallerList and DestAddress in the AttachList. For callback functions, the SrcAddress and DestAddress are likely to be in AttachList.

return to top RETURN VALUE  

A CSSM_RETURN value indicating success or specifying a particular error condition. The value CSSM_OK indicates success. All other values represent an error condition.

return to top ERRORS  

Errors are described in the CDSA Technical Standard.

return to top SEE ALSO  

Books

Intel CDSA Application Developer's Guide

go to previous page: CSSM_Introduce CSSM_Introduce
go to next page: CSSM_ListAttachedModuleManagersCSSM_ListAttachedModuleManagers