RSA BSAFE Cert-C
API Reference

Cert-C LDAP Database Service Provider

LDAP Database Service Provider Elements:

DB_FUNCS: Implements only five functions in DB_FUNCS:
      SelectCertBySubject
      SelectCertByExtensions
      SelectCertByIssuerSerial
      SelectCRLByIssuerTime
      Finalize
LDAP_INIT_PARAMS: Passes initialization parameters.
LDAP_DATA: Stores LDAP server configuration data.
S_InitializeLDAPSource
S_InitializeLDAP2


The Cert-C LDAP Database service provider retrieves certificates and CRLs from an LDAP repository. An LDAP repository can be available as a Database service provider. Registered Database service providers are searched in the order established during the registration of the Database service provider.

LDAP repositories vary widely in their schema and usage conventions. Cert-C addresses this problem by recording configuration information in an LDAP_DATA structure for each LDAP repository in which the client wants to search. When initializing Cert-C, a separate Database service provider is registered for each LDAP server, as determined by the LDAP configuration records previously created. The Cert-C LDAP Database service provider provides functions that allow the client to create, modify, delete, and list LDAP configuration records.

The LDAP Database service provider is a read-only source; it implements neither write functions nor searches that do not make sense in the LDAP environment.

Cert-C does not require any LDAP v3 functionality. All of the LDAP calls made are within the LDAP v2 specification. However, LDAP v3 is fully backward-compatible with LDAP v2, so Cert-C can operate with both v2 and v3 servers.

To initialize or register the Cert-C Default Database service provider, call either the C_InitializeCertC or the C_RegisterService function. Both functions take SERVICE_HANDLER as a parameter.

The Initialize member in SERVICE_HANDLER points to either the S_InitializeLDAPSource function or the S_InitializeLDAP2 function.

The corresponding POINTER should point to an LDAP_INIT_PARAMS structure, or be set to NULL_PTR. S_InitializeLDAPSource and S_InitializeLDAP2 initialize the Cert-C LDAP Database service provider's implementation of the database functions and store pointers to those functions in the db member of SERVICE_FUNCS, which is a DB_FUNCS structure. Never call S_InitializeLDAPSource or S_InitializeLDAP2 directly.

To use the Cert-C LDAP Database service provider in an application, link in the certcsp library and include the ldapapi.h and ldap.h header files. (ldap.h is located in the include/mozildap/ directory.) The application must also be able to load the nsldap32v30.dll library (provided in this release) at runtime. This .dll is used on Win32 platforms. The ldap sample uses this service provider.




RSA BSAFE® Cert-C 2.7 API Reference