Library /sys$common/syshlp/helplib.hlb  —  CDSA  CDSA_API, TP CertGroupToTupleGroup
 NAME
   TP_CertGroupToTupleGroup,
   CSSM_TP_CertGroupToTupleGroup - Create a set of authorization
                                   tuples (CDSA)

 SYNOPSIS
   # include <cssm.h>

    API:
        CSSM_RETURN CSSMAPI CSSM_TP_CertGroupToTupleGroup
        (CSSM_TP_HANDLE TPHandle,
        CSSM_CL_HANDLE  CLHandle,
        const CSSM_CERTGROUP *CertGroup,
        CSSM_TUPLEGROUP_PTR *TupleGroup)
    SPI:
        CSSM_RETURN CSSMTPI TP_CertGroupToTupleGroup
        (CSSM_TP_HANDLE TPHandle,
        CSSM_CL_HANDLE  CLHandle,
        const CSSM_CERTGROUP *CertGroup,
        CSSM_TUPLEGROUP_PTR *TupleGroup)

 LIBRARY
   Common Security Services Manager library (CDSA$INCSSM300_SHR.EXE)

 PARAMETERS
   TPHandle (input)
           The handle that describes the trust policy service module
           used to perform this function.

   CLHandle (input/optional)
           The handle that describes the certificate library module that
           can be used to scan the certificate fields for values. If no
           certificate library module is specified, the TP module uses
           an assumed CL module.

   CertGroup (input)
           A group of certificates in the native certificate format
           supported by the Trust Policy module. The certificates
           carry authorizations for one or more certificate subjects.

   TupleGroup (output)
           A pointer to a structure containing references to one or
           more tuples resulting from the translation process. Storage
           for structure and the tuples is allocated by the service
           provider and must be deallocated by the application.

 DESCRIPTION
   This function creates a set of authorization tuples based on a set of
   input certificates. The certificates must be of the type managed by
   the Trust Policy module. The trust policy module may require that the
   input certificates be successfully verified before being translated to
   tuples.  It is assumed that the certificates carry authorizations. The
   trust policy service provider interprets the certificate authorization
   fields and generates one or more tuples corresponding to those
   authorizations.  The certificates of the type managed by the Trust
   Policy module. The resulting tuples can be input to an authorization
   evaluation function, such as CSSM_AC_AuthCompute() (CSSM API), or
   AC_AuthCompute() (AC SPI), which determines whether a particular
   action is authorized under a basic set of authorization assumptions.

 RETURN VALUE
   A CSSM_RETURN value indicating success or specifying a particular
   error condition. The value CSSM_OK indicates success. All other
   values represent an error condition.

 ERRORS
   Errors are described in the CDSA technical standard.  See CDSA.

        CSSMERR_TP_INVALID_CL_HANDLE
        CSSMERR_TP_INVALID_CERTGROUP_POINTER
        CSSMERR_TP_INVALID_CERTGROUP

 SEE ALSO
   Books

   Intel CDSA Application Developer's Guide (see CDSA)

   Other Help Topics

   Functions for the CSSM API:

       CSSM_TP_TupleGroupToCertGroup
       CSSM_AC_AuthCompute

   Functions for the TP SPI:

       TP_TupleGroupToCertGroup
       AC_AuthCompute
Close Help