Three structures are used to contain all of the static information that describes a CL module: cssm_moduleinfo, cssm_serviceinfo, and cssm_clsubservice. This descriptive information is securely stored in the OCSF registry when the CL module is installed with OCSF. A CL module may implement multiple types of services and organize them as subservices. For example, a CL module supporting X.509 encoded certificates may organize its implementation into three subservices: one for X.509 Version 1, a second for X.509 Version 2, and a third for X.509 Version 3. Most CL modules will implement exactly one subservice.

The descriptive information stored in these structures can be queried using the function CSSM_GetModuleInfo and specifying the CL module Globally Unique ID (GUID).

typedef struct cssm_clsubservice {
   uint32 SubServiceId;
   CSSM_STRING Description;
   CSSM_CERT_TYPE CertType;
   CSSM_CERT_ENCODING CertEncoding;
   CSSM_USER_AUTHENTICATION_MECHANISM AuthenticationMechanism;
   uint32 NumberOfTemplateFields;
   CSSM_OID_PTR CertTemplates;
   uint32 NumberOfTranslationTypes;
   CSSM_CERT_TYPE_PTR CertTranslationTypes;
   CSSM_CL_WRAPPEDPRODUCT_INFO WrappedProduct;
} CSSM_CLSUBSERVICE, *CSSM_CLSUBSERVICE_PTR;

Definitions:

SubServiceId

A unique, identifying number for the subservice described in this structure.

Description

A string containing a description name or title for this subservice.

CertType

An identifier for the type of certificate. This parameter is also used to determine the certificate data format.

CertEncoding

An identifier for the certificate encoding format.

AuthenticationMechanism

An enumerated value defining the credential format accepted by the CL module. Authentication credential may be required when requesting certificate creation or other CL functions. Presented credentials must be of the required format.

NumberOfTemplateFields

The number of certificate fields. This number also indicates the length of the CertTemplate array.

CertTemplates

A pointer to an array of tag/value pairs which identify the field values of a certificate.

NumberOfTranslationTypes

The number of certificate types that this CL module can import and export. This number also indicates the length of the CertTranslationTypes array.

CertTranslationTypes

A pointer to an array of certificate types. This array indicates the certificate types that can be imported into and exported from this CL module's native certificate type.

WrappedProduct

A data structure describing the embedded products and CA service used by the CL module.