Manualshelf

Administrator's Guide

ManualsBrandsHP ManualsSoftwareHP-UX Security Products and Features Software
41424344454647484950
A libwliapi example
This example demonstrates how libwliapi functions add and delete WLI file access policies.
A.1 Instructions
This example requires an authorized WLI administrator key.
<admin_key> WLI administrator's private key
<admin_pass> Passphrase for <admin_key>
1. Copy the makefile and source files below to a test directory.
2. % su root
3. The makefile builds executables, adds user wliusr1, and generates ukey.pvt
# make all
4. # wlicert -i wliusr1.inst1 -k <admin_key> -p pass:<admin_pass> ukey.pub
5. # wlicert -c wliusr1.inst1 -s -k <admin_key> -p pass:<admin_pass> -o api
6. # su wliusr1
7. % wlisign -a -k ukey.pvt -p pass:mypasswd -o api api_flac_test
8. % wlisign -a -k ukey.pvt -p pass:mypasswd -o api api_ibac_test
9. % api_flac_test
10. % api_ibac_test
Cleanup:
1. # wlicert -d wliusr1.inst1 -k <admin_key> -p pass:<admin_pass>
2. # make clean
A.2 makefile
# Makefile for exercising libwliapi functions
SHELL = /bin/sh
CC = cc
LD = ld
CFLAGS = +DD64
INCLUDES = -I/opt/wli/include -I/usr/include/openssl
# make secure binaries
LDOPTS = +noenvvar +nodefaultrpath +b/opt/wli/lib
LDPATH = -L/opt/wli/lib
# LIBS = -lwliapi -lsec -lcrypto
LIBS = -lwliapi -lcrypto
COMPILE = $(CC) $(CFLAGS) $(INCLUDES)
.c.o:
$(COMPILE) -c $< -o $@
all: user_setup progs
progs: api_flac_test api_ibac_test
api_flac_test: api_flac_test.o
$(LD) -o $@ api_flac_test.o $(LDOPTS) $(LDPATH) $(LIBS)
echo "flac test file" >flac_test
api_ibac_test: api_ibac_test.o
$(LD) -o $@ api_ibac_test.o $(LDOPTS) $(LDPATH) $(LIBS)
echo "ibac test file" >ibac_test
ukey.pvt:
openssl genrsa -aes256 -passout pass:mypasswd -out ukey.pvt 2048
ukey.pub: ukey.pvt
A.1 Instructions 45