catpac, catear - PAC and UAR interface
The catpac and catear interfaces provides functions to obtain
User Access Rights (UARs) from Privilege Attribute Certificates
(PACs).
A PAC is a regular X.509 v3 certificate with a non-critical extension
containing the UARs. Sensitive information in the UARs, such as passwords,
is encrypted.
Before a PAC is opened (by catpac_openears()), the local side private key and certificate must be made known by calling
catpsd_setpsd(). This is needed in order to decrypt any protected fields in a UAR and to
know what UARs to look for.
UARs were previously called Enterprise Access Rights )(EARs), so the name catear exists for historical reasons.
- catear_dbmap
-
Return Keon Security Server 4.5 (BoKS)-compatible dbmap information from
the UAR.
- catear_findnext
-
Search the UARs located by catpac_openears()
looking for a more specific match.
- catear_getdata
-
Extract a named value from a handle to UARs.
- catear_getlogid
-
Get the user id to be used for logging from the UAR list.
- catear_rewind
-
Reset the state of the UAR list so that the next call to
catear_findnext will start at the first element.
- catpac_closeear
-
Close an open peer certificate (PAC) and free any allocated data.
- catpac_openears
-
Return a handle that represents the list of UARs found in the PAC.
cat
catear_dbmap, catear_findnext, catear_getdata,
catear_getlogid, catear_rewind, catpac_closeear,
catpac_openears