Common Data Security Architecture (CDSA) White Paper

Introduction to Add-in Modules

• If self-checking is required, the initialization function calls the ISL_SelfCheck function.

For a sample initialization routine, see “How to Create a CDSA Add-In Module for HP-UX” on page 53.

For detailed information about CSP self-checks, see “Programming Self-Check Functions into the Initializer” on page 56.

Code to Register Services with CSSM

To tell CSSM which capabilities it provides, the add-in module must register its services with CSSM. Registration takes place in a routine, AddInAuthenticate(), which CSSM invokes.

Each add-in must implement AddInAuthenticate() to do the following tasks:

• If the add-in module is a CSP, perform integrity verification on CSSM. (This is unnecessary if the add-in module is a CL, DL or TP.)

• Build and register the function table, which contains function pointers that CSSM can invoke.

For detailed information on what takes place during AddInAuthenticate(), see “Programming AddInAuthenticate() to Perform Bilateral Authentication” on page 60.

Add-In Module Install Program

An add-in module is not visible to applications until it is installed into the system. The add-in module install program performs two tasks:

• Move the add-in library into place, in /usr/lib/cdsa.

• Create add-in module information files, by invoking CSSM_ModuleInstall with module information. The files are stored in /var/cdsa/cssm.

An add-in module becomes unavailable after it is uninstalled from the system. The uninstall program performs two tasks:

• Remove the add-in library from /usr/lib/cdsa.

• Remove add-in module information files from /var/cdsa/cssm, by invoking CSSM_ModuleUninstall.

NOTE

You must be a superuser to run the install/uninstall program.
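
A post-install check for the two locations named above, as an added example that is not part of the original white paper. It assumes that, because install and uninstall require superuser, everything under /usr/lib/cdsa and /var/cdsa/cssm should be owned by root and not writable by group or others; the function names and the CDSA_LIB_DIR / CDSA_INFO_DIR variables are hypothetical.

```shell
#!/bin/sh
# Added example: audit the CDSA add-in locations named in this section.
# Assumption (not stated by the white paper): since only the superuser may
# install or uninstall add-ins, files here should be root-owned and must not
# be group- or world-writable, otherwise a loaded add-in could be replaced.

CDSA_LIB_DIR=${CDSA_LIB_DIR:-/usr/lib/cdsa}      # add-in libraries
CDSA_INFO_DIR=${CDSA_INFO_DIR:-/var/cdsa/cssm}   # module information files

# cdsa_audit DIR [OWNER]
# Prints one line per finding ("OWNER <path>" or "WRITABLE <path>").
# Returns 0 if clean, 1 if there are findings, 2 if DIR does not exist.
cdsa_audit() {
    dir=$1
    owner=${2:-root}
    if [ ! -d "$dir" ]; then
        echo "MISSING $dir"
        return 2
    fi
    # Regular files and directories only: symlink mode bits are not meaningful.
    findings=$(
        find "$dir" \( -type f -o -type d \) ! -user "$owner" \
            -exec echo "OWNER" {} \;
        find "$dir" \( -type f -o -type d \) \( -perm -002 -o -perm -020 \) \
            -exec echo "WRITABLE" {} \;
    )
    if [ -n "$findings" ]; then
        printf '%s\n' "$findings"
        return 1
    fi
    return 0
}

# cdsa_audit_all [OWNER]
# Audits both directories; returns non-zero if either has findings or is missing.
cdsa_audit_all() {
    rc=0
    for d in "$CDSA_LIB_DIR" "$CDSA_INFO_DIR"; do
        cdsa_audit "$d" "${1:-root}" || rc=1
    done
    return $rc
}
```

Run `cdsa_audit_all` after each install or uninstall; any OWNER or WRITABLE line identifies a path that a non-superuser could modify.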

 

 
