VMS Help  —  CDSA  CDSA_API, cssm IsFuncCallValid
 NAME
   cssm_IsFuncCallValid - Check secure linkage (CDSA)

 SYNOPSIS
   # include <cssm.h>

        CSSM_RETURN CSSMAPI cssm_IsFuncCallValid
        (CSSM_MODULE_HANDLE hAddin,
        CSSM_PROC_ADDR SrcAddress, /* application */,
        CSSM_PROC_ADDR DestAddress,
        CSSM_PRIVILEGE InPriv,
        CSSM_PRIVILEGE *OutPriv,
        CSSM_BITMASK Hints,
        CSSM_BOOL * IsOK)

 LIBRARY
   Common Security Services Manager library (CDSA$INCSSM300_SHR.EXE)

 PARAMETERS
   hAddIn (input)
           The handle identifying the attach-session whose caller and
           callee scope is being tested by this function.

   SrcAddress (input/optional)
           An address to be tested for containment within the
           application that requested and created the attach-session
           identified by the module handle.

   DestAddress (input/optional)
           An address within a service module. The destination address
           must be valid for the service provider associated with the
           attach-session identified by the module handle.

   InPriv (input)
           The privilege value to be checked. Privilege checks apply
           to both SrcAddress and DestAddress.

   OutPriv (output)
           If non-NULL, the global privilege will be checked and
           returned in OutPriv.

   Hints (input)
           A flag providing search hints.

   IsOK (output)
           CSSM_TRUE if success, CSSM_FALSE if fail.

 DESCRIPTION
   This function checks secure linkage between an application and a
   service module. Based on address scope of the application and the
   service module associated with the attach handle, CSSM determines
   whether the SrcAddress is within an associated application and
   DestAddress is within the associated service module. The scope of
   the application and the service module is determined by their
   respective signed manifest credentials, which attest to the
   integrity of each entity.

   This function uses the input privilege value InPriv to compare
   against the privilege range associated with the ranges for
   SrcAddress and DestAddres.  The privilege check is performed
   when the InPriv privilege value is non-NULL.   If the EMM wants
   the global privilege value to be checked, InPriv is zero and
   OutPriv is non-NULL. CSSM will return the privilege value in
   OutPriv. If integrity only checks are to be performed, InPriv
   is zero and OutPriv is NULL.

   Another parameter called Hints is used to help CSSM efficiently
   perform the integrity and privilege verification operations.
   Hints helps CSSM know where to look to find the desired state
   information.  In the regular case, CSSM will look for SrcAddress
   in the CallerList and DestAddress in the AttachList. For callback
   functions, the SrcAddress and DestAddress are likely to be in
   AttachList.

 RETURN VALUE
   A CSSM_RETURN value indicating success or specifying a particular
   error condition. The value CSSM_OK indicates success. All other
   values represent an error condition.

 ERRORS
   Errors are described in the CDSA technical standard.  See CDSA.

 SEE ALSO
   Books

   Intel CDSA Application Developer's Guide (see CDSA)

   Other Help Topics
Close Help