Common Data Security Architecture (CDSA) White Paper

What Is CDSA?
• Pass-through capabilities to import/export RSA and DSA keys

The Certificate Library (CL) API performs memory-based, syntactic manipulations on
X.509v3 certificates and certificate revocation lists. These actions include:
• Creating, signing, and verifying certificates and revocation lists
• Extracting values (such as public keys) from certificates
• Revoking and reinstating certificates
• Searching certificate revocation lists
• Providing pass-through functionality to manipulate certificate and revocation-list data formats

In addition to the APIs, HP’s implementation of CDSA provides service provider interfaces for
use in the development of Trust Policy (TP) and Data Library (DL) modules.

NOTE: You may notice seemingly duplicated APIs: some whose names begin with
CSSM_ followed by a type of service provider (CSP, CL, and so forth), and
others whose names begin directly with the service provider designation.
The CSSM_* APIs are intended for application development; that is, they
enable applications to request services of the shared library via the
CSSM. The interfaces whose names begin with the service provider
designation (CSP_, CL_, and so forth) are called SPIs and are used for
developing add-in modules. They are “invisible” to applications.