Common Data Security Architecture (CDSA) White Paper
Introduction to Add-in Modules
• If self-checking is required, the initialization function calls the ISL_SelfCheck function.
For a sample initialization routine, see “How to Create a CDSA Add-In Module for HP-UX” on page 53.
For detailed information about CSP self-checks, see “Programming Self-Check Functions into the Initializer” on page 56.
Code to Register Services with CSSM
In order to notify CSSM what capabilities the add-in module can perform, the add-in module needs to register its services to CSSM. The registration takes place via a routine, AddInAuthenticate(), which is invoked by CSSM.
Each add-in must implement AddInAuthenticate() to do the following tasks:
•If the add-in module is a CSP, perform integrity verification on CSSM. (This is unnecessary if the add-in module is a CL, DL or TP.)
•Build and register the function table, which contains function pointers that CSSM can invoke.
For detailed information on what takes place during AddInAuthenticate(), see “Programming AddInAuthenticate() to Perform Bilateral Authentication” on page 60.
Add-In Module Install Program
An add-in module is not visible to applications until it is installed into the system. The add-in module install program performs two tasks:
•Move the add-in library into place, in /usr/lib/cdsa.
•Create add-in module information files, by invoking CSSM_ModuleInstall with module information. The files are stored in /var/cdsa/cssm.
An add-in module becomes unavailable after it is uninstalled from the system. The uninstall program peforms two tasks:
•Remove the add-in library from /usr/lib/cdsa.
•Remove add-in module information files from /var/cdsa/cssm, by invoking CSSM_ModuleUninstall.
NOTE | You must be a superuser to run the install/uninstall program. |
| |