Show TOC

Background documentationFunctions Required by CentralKeySource

 

The custom user exit you develop must export the following functions for CentralKeySource:

  • BOOL Initialize( char * configString);

  • BOOL GetKeyByID( const TCHAR * tokenId, TCHAR *& channelId, TCHAR *& creationDate, TCHAR *& effectiveDate, TCHAR *& algorithmName, unsigned long & keyStatus, _TUCHAR *& rawKey, unsigned long & rawKeyLength);

  • BOOL GetKeyByChannel(const TCHAR * channelId, TCHAR *& tokenId, TCHAR *& creationDate, TCHAR *& effectiveDate, TCHAR *& algorithmName, unsigned long & keyStatus, _TUCHAR *& rawKey, unsigned long & rawKeyLength);

The functions perform the following actions:

  • You use the Initialize method to initialize the third party key manager solution

  • The GetKeyByID method gets a key given a token ID from the central key management system

  • The GetKeyByChannel gets the current key for the channel (the key group/class)

Every method that you expose returns one of the following BOOL values:

  • TRUE if the method executed without errors

  • FALSE if the method executed with errors

To replace the implementation, you must modify the TWSecurity.INI file located in the folder C:\Program Files\Common Files\SAP Shared\Retail Systems.

Example

You are replacing the CentralKeySource user exit by a custom Central Key Source. You must modify the CENTRALKEYSOURCE= entry to point to the name and location of the custom user exit you want to use. So if we have a custom key manager named CustomCentralKeySource.dll located in C:\TEMP, then the entry appears as follows:

CENTRALKEYSOURCE =C:\TEMP\ CustomCentralKeySource.dll

The CentralKeySourceHandler then loads and maps the functions from the custom DLL.

Caution Caution

The custom DLL must have the same function prototypes as the local implementation, if even one is missing or incorrect the handler class fails to load the user exit and the system halts.

End of the caution.