Manualshelf

Common Data Security Architecture (CDSA) White Paper

ManualsBrandsHP ManualsSoftwareHP-UX Security Products and Features Software
12345678910
2
Contents
Validating the CSP Credentials. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 65
The Credential File. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 65
X.509 Certiļ¬cate Chain . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 65
The Validation Sequence . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 66
Integrity Check prior to Loading . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 67
The Self Check. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 69
Bilateral Authentication. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 70
In-Memory vs. Static Checking . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 70
Concluding Remarks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 71
Further References . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 71
A. Sample Install Program
B. Generating the Credential File
HP Signing Policy for CSP Add-In Vendors for CDSA Version 1.2 . . . . 84
C. Sample Add-in Module Code
D. Functions Needed for Add-in Module Integrity
E. Trouble Shooting HP CDSA
CDSA API Errors . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 108
CDSA Start Up Errors when calling CSSM_ModuleAttach . . . . . . . . 118
Debugging Core Dumps . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 120
Using DDE to Debug CDSA Applications . . . . . . . . . . . . . . . . . . . . . 120
F. Migrating to CDSA 2.0
G. ZIP format
H. The Private Key File