Developing security applications
- Installing and attaching service provider modules
The calling application uses the OCSF CSSM_ModuleAttach function, for example, to attach the specified OCEP service provider modules. CSSM_ModuleAttach then returns a handle value that represents a unique pairing between the calling application and the specific OCEP service provider module. The calling routine must then specify this handle when it invokes an API that is supported by an OCEP service provider. See Example Code Using the OCEP Trust Policy APIs for an example.
- Querying the OCSF registry of available service provider modules
- Enabling calls to other APIs
- Managing storage
- Managing errors
In addition, because service provider modules may implement the OCSF APIs differently, you should be aware of any differences between the parameters that are supported. For example, OCSF also provides trust policy and data storage library service provider modules. However, the way in which the APIs are implemented by these OCSF service provider modules support differs from the way they are implemented by OCEP. You should review your applications to ensure that they can correctly use the APIs, as they are supported by the OCEP service provider modules.
For more information about these OCSF requirements, see z/OS Open Cryptographic Services Facility Service Provider Module Developer's Guide and Reference.