Three structures
are used to contain all of the static information that describes a CL module:
cssm_moduleinfo, cssm_serviceinfo, and cssm_clsubservice. This descriptive
information is securely stored in the OCSF registry when the CL module is
installed with OCSF. A CL module may implement multiple types of services
and organize them as subservices. For example, a CL module supporting X.509
encoded certificates may organize its implementation into three subservices:
one for X.509 Version 1, a second for X.509 Version 2, and a third for X.509
Version 3. Most CL modules will implement exactly one subservice.
The descriptive information stored in these structures can be queried using
the function CSSM_GetModuleInfo and specifying the CL module Globally Unique
ID (GUID).
typedef struct cssm_clsubservice {
uint32 SubServiceId;
CSSM_STRING Description;
CSSM_CERT_TYPE CertType;
CSSM_CERT_ENCODING CertEncoding;
CSSM_USER_AUTHENTICATION_MECHANISM AuthenticationMechanism;
uint32 NumberOfTemplateFields;
CSSM_OID_PTR CertTemplates;
uint32 NumberOfTranslationTypes;
CSSM_CERT_TYPE_PTR CertTranslationTypes;
CSSM_CL_WRAPPEDPRODUCT_INFO WrappedProduct;
} CSSM_CLSUBSERVICE, *CSSM_CLSUBSERVICE_PTR;
Definitions:
- SubServiceId
- A unique, identifying number for the subservice described in this structure.
- Description
- A string containing a description name or title for this subservice.
- CertType
- An identifier for the type of certificate. This parameter is also used
to determine the certificate data format.
- CertEncoding
- An identifier for the certificate encoding format.
- AuthenticationMechanism
- An enumerated value defining the credential format accepted by the CL
module. Authentication credential may be required when requesting certificate
creation or other CL functions. Presented credentials must be of the required
format.
- NumberOfTemplateFields
- The number of certificate fields. This number also indicates the length
of the CertTemplate array.
- CertTemplates
- A pointer to an array of tag/value pairs which identify the field values
of a certificate.
- NumberOfTranslationTypes
- The number of certificate types that this CL module can import and export.
This number also indicates the length of the CertTranslationTypes array.
- CertTranslationTypes
- A pointer to an array of certificate types. This array indicates
the certificate types that can be imported into and exported from this CL
module's native certificate type.
- WrappedProduct
- A data structure describing the embedded products and CA service used
by the CL module.
|