Index Index for
Section 3
Index Alphabetical
listing for T
Bottom of page Bottom of
page		 

TP_CertGroupToTupleGroup(3)


NAME

  TP_CertGroupToTupleGroup, CSSM_TP_CertGroupToTupleGroup - Create a set of
  authorization tuples (CDSA)


SYNOPSIS

  # include <cdsa/cssm.h>

       API:
       CSSM_RETURN CSSMAPI CSSM_TP_CertGroupToTupleGroup
       (CSSM_TP_HANDLE TPHandle,
       CSSM_CL_HANDLE  CLHandle,
       const CSSM_CERTGROUP *CertGroup,
       CSSM_TUPLEGROUP_PTR *TupleGroup)
       SPI:
       CSSM_RETURN CSSMTPI TP_CertGroupToTupleGroup
       (CSSM_TP_HANDLE TPHandle,
       CSSM_CL_HANDLE  CLHandle,
       const CSSM_CERTGROUP *CertGroup,
       CSSM_TUPLEGROUP_PTR *TupleGroup)


LIBRARY

  Common Security Services Manager library (libcssm.so)


PARAMETERS

  TPHandle (input)
	  The handle that describes the trust policy service module used to
	  perform this function.

  CLHandle (input/optional)
	  The handle that describes the certificate library module that can
	  be used to scan the certificate fields for values. If no
	  certificate library module is specified, the TP module uses an
	  assumed CL module.

  CertGroup (input)
	  A group of certificates in the native certificate format supported
	  by the Trust Policy module. The certificates carry authorizations
	  for one or more certificate subjects.

  TupleGroup (output)
	  A pointer to a structure containing references to one or more
	  tuples resulting from the translation process. Storage for
	  structure and the tuples is allocated by the service provider and
	  must be deallocated by the application.


DESCRIPTION

  This function creates a set of authorization tuples based on a set of input
  certificates. The certificates must be of the type managed by the Trust
  Policy module. The trust policy module may require that the input
  certificates be successfully verified before being translated to tuples. It
  is assumed that the certificates carry authorizations. The trust policy
  service provider interprets the certificate authorization fields and
  generates one or more tuples corresponding to those authorizations. The
  certificates of the type managed by the Trust Policy module. The resulting
  tuples can be input to an authorization evaluation function, such as
  CSSM_AC_AuthCompute() (CSSM API), or AC_AuthCompute() (AC SPI), which
  determines whether a particular action is authorized under a basic set of
  authorization assumptions.


RETURN VALUE

  A CSSM_RETURN value indicating success or specifying a particular error
  condition. The value CSSM_OK indicates success. All other values represent
  an error condition.


ERRORS

  Errors are described in the CDSA technical standard.	See CDSA_intro(3).

       CSSMERR_TP_INVALID_CL_HANDLE
       CSSMERR_TP_INVALID_CERTGROUP_POINTER
       CSSMERR_TP_INVALID_CERTGROUP


SEE ALSO

  Books

  Intel CDSA Application Developer's Guide (see CDSA_intro(3))

  Reference Pages

  Functions for the CSSM API:

  CSSM_TP_TupleGroupToCertGroup(3), CSSM_AC_AuthCompute(3)

  Functions for the TP SPI:

  TP_TupleGroupToCertGroup(3), AC_AuthCompute(3)

Index Index for
Section 3
Index Alphabetical
listing for T
Top of page Top of
page