7.2 – Integrity Signing Example
The following is an example of the cdsa_sign command for Integrity
signing:
$ define cdsa_sign "/cdsa_tempdir/addin"
$ set default cdsa_sysdir:[sign]
$ cdsa_sign stubcsp300_shr cdsa_sign A intmods.cer -
_$ intmods intchain. {79BDE0F0-4541-11d3-A8F3-0090271D266F} -
_$ "XX" "EXEMPT" "XX" "XX"
The first command defines the logical cdsa_sign (which is used
internally by the code) as the directory, in UNIX directory format,
where the executable to be signed can be found. In the cdsa_sign
command:
* stubcsp300_shr is the name of the module being signed.
* cdsa_sign is the logical pointing to the directory containing
the module.
* A indicates that stubcsp300_shr is a service provider module.
* intmods.cer is the name of the certificate being used to sign
the module.
* intmods is the password for the private key of the certificate
(intmods.cer) being used to sign the module.
* intchain. is the name of the text file containing the names of
the certificates in the Integrity chain.
* {79BDE0F0-4541-11d3-A8F3-0090271D266F} is the GUID of the service
provider module.
* "XX" is the access tag, which indicates that this is not an
installer module.
* "EXEMPT" is the CDSA_PVC_API tag specifying that this is an
application manifest.
* "XX" specifies that the CDSA_PVC_SPI tag is not in the manifest.
* "XX" specifies that the CDSA_PRIV tag is not in the manifest.
7.3 – Export Signing
Export signing is optional. Before you can do Export signing for a
module, you must already have done Integrity signing and a manifest
must exist. For more information about Export signing, refer to the
Intel CDSA Manifest Signing Tools User's Guide.
SYNOPSIS
cdsa_sign manifest_path signer_cert password cert_chain usee_tag
priv_tag pvcapi_tag pvcspi_tag
OPTIONS
manifest_path
The path (in UNIX directory format) to the manifest created in the
Integrity signing phase.
signer_cert
The name of the certificate being used to sign the module.
password
The password for the private key of the certificate being used to
sign the module.
cert_chain
A text file identifying the Export certificates to be embedded.
This file has the following form:
number
cert1
cert2
.
.
.
where number is the number of certificates being embedded, and
cert1 and cert2 are the names of certificates to be embedded;
for example:
2
introot.cer
intmanf.cer
usee_tag
The base-64 encoded value of the CSSM_USEE_TAG value.
This value must be enclosed within double quotation marks.
priv_tag
The CDSA_PRIV tag in the manifest. Currently, no CDSA_PRIV tag
values are defined, so specify "XX" to indicate that this tag is
not in the manifest.
pvcapi_tag
The CDSA_PVC_API tag for application and CSSM manifests.
The values are:
"EXEMPT" Specifies an application manifest.
"OFF" Specifies a CSSM manifest.
"XX" Specifies that the CDSA_PVC_API tag is not
in the manifest.
pvcspi_tag
The CDSA_PVC_SPI tag for application and CSSM manifests.
The values are:
"EXEMPT" Specifies an application manifest.
"OFF" Specifies a CSSM manifest.
"XX" Specifies that the CDSA_PVC_SPI tag is not
in the manifest.
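The count line of a cert_chain file must agree with the certificate names that follow it, which is easy to break when the file is edited by hand. The following pre-signing check is an added example, not part of the CDSA kit; check_chain_text, its result codes, the size limits and the duplicate-name test are assumptions of this example.

```c
#include <ctype.h>
#include <stdlib.h>
#include <string.h>

#define MAX_CERTS 32    /* limits chosen for this example, not CDSA's */
#define MAX_NAME  256
/* Result codes are names used only by this example. */
enum { CHAIN_OK, CHAIN_BAD_COUNT, CHAIN_TOO_FEW, CHAIN_TOO_MANY, CHAIN_DUPLICATE };

/* Copy the next line of *pp into buf, trimmed; return 0 at end of text. */
static int next_line(const char **pp, char *buf)
{
    const char *p = *pp;
    size_t len = strcspn(p, "\n");
    if (*p == '\0') return 0;
    *pp = p + len + (p[len] == '\n');
    while (len && isspace((unsigned char)p[len - 1])) len--;
    while (len && isspace((unsigned char)*p)) { p++; len--; }
    if (len >= MAX_NAME) len = MAX_NAME - 1;
    memcpy(buf, p, len);
    buf[len] = '\0';
    return 1;
}

/* Check chain-file text: a count line, then exactly that many unique names. */
int check_chain_text(const char *text)
{
    static char names[MAX_CERTS][MAX_NAME];
    char line[MAX_NAME], *end;
    long declared = -1, seen = 0;
    while (next_line(&text, line)) {
        if (line[0] == '\0') continue;            /* ignore blank lines */
        if (declared < 0) {                       /* first entry is the count */
            declared = strtol(line, &end, 10);
            if (*end != '\0' || declared < 1 || declared > MAX_CERTS)
                return CHAIN_BAD_COUNT;
            continue;
        }
        if (seen == declared) return CHAIN_TOO_MANY;
        for (int i = 0; i < seen; i++)            /* extra check: no repeats */
            if (strcmp(names[i], line) == 0) return CHAIN_DUPLICATE;
        strcpy(names[seen++], line);
    }
    if (declared < 0) return CHAIN_BAD_COUNT;
    return seen < declared ? CHAIN_TOO_FEW : CHAIN_OK;
}

/* Exit status 0 when the two-certificate chain file shown above is accepted. */
int main(void) { return check_chain_text("2\nintroot.cer\nintmanf.cer\n") != CHAIN_OK; }
```

The name comparison is case-sensitive; fold case first if the chain file mixes upper and lower case for the same certificate file.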
7.4 – Export Signing Example
The following is an example of the cdsa_sign command for Export signing:
$ cdsa_sign /cdsa_tempdir/des2/des2.esw exapps.cer secret exchain. -
_$ "AAAAAQ==" "XX" "EXEMPT" "XX"
In this example:
* /cdsa_tempdir/des2/des2.esw is the path (in UNIX format)
to the manifest created during Integrity signing.
* exapps.cer is the name of the certificate being used to sign
the module.
* secret is the password for the private key of the certificate
being used to sign the module.
* exchain. is the name of the text file identifying the
Export certificate chain to be embedded in the signature.
* "AAAAAQ==" is the base-64 encoded value of the
CDSA_USEE_DOMESTIC tag.
* "XX" specifies that the CDSA_PRIV tag is not in the manifest.
* "EXEMPT" is the CDSA_PVC_API tag specifying that this is an
application manifest.
* "XX" specifies that the CDSA_PVC_SPI tag is not in the
manifest.
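Decoding the usee_tag argument lets a reviewer see which value a signing command asserts: "AAAAAQ==" is base-64 for the four bytes 00 00 00 01. The following is an added example, not part of the CDSA kit; usee_tag_decode and usee_tag_encode are names chosen here, and reading the four bytes as a big-endian 32-bit integer is an assumption.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

static const char B64[] =
    "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";

/* Decode an 8-character base-64 usee_tag to its 32-bit value.
 * Assumption of this example: the four decoded bytes are read big-endian.
 * Returns -1 if the string is not canonical base-64 for exactly 4 bytes. */
int64_t usee_tag_decode(const char *s)
{
    uint64_t acc = 0;
    if (strlen(s) != 8 || s[6] != '=' || s[7] != '=') return -1;
    for (int i = 0; i < 6; i++) {
        const char *p = strchr(B64, s[i]);
        if (p == NULL) return -1;                 /* not a base-64 character */
        acc = (acc << 6) | (uint64_t)(p - B64);
    }
    if (acc & 0xF) return -1;                     /* the 4 pad bits must be 0 */
    return (int64_t)(acc >> 4);
}

/* Encode a 32-bit value the same way; out must hold 9 bytes. Returns out. */
const char *usee_tag_encode(uint32_t tag, char out[9])
{
    uint64_t acc = (uint64_t)tag << 4;            /* 32 data bits + 4 pad bits */
    for (int i = 5; i >= 0; i--, acc >>= 6)
        out[i] = B64[acc & 63];
    memcpy(out + 6, "==", 3);                     /* padding plus terminator */
    return out;
}

int main(void)
{
    char buf[9];
    /* "AAAAAQ==" is the usee_tag from the Export signing example. */
    printf("AAAAAQ== -> %lld\n", (long long)usee_tag_decode("AAAAAQ=="));
    printf("1 -> %s\n", usee_tag_encode(1, buf));
    return 0;
}
```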
8 – CDSA$X5092XML.EXE
The x5092xml utility reads an X509 certificate file, extracts the
subject name, and writes the name as XML to an XML file. This tool
is useful for producing example template files that can be modified.
SYNOPSIS
x5092xml infile outfile
OPTIONS
infile
The name of the X509 certificate file from which the subject
name is being extracted.
outfile
The name of the XML file to which the name is to be written.
8.1 – EXAMPLE
x5092xml introot.cer introot.xml
9 – CDSA$VALIDATE.EXE
The CDSA$VALIDATE program allows the user to check the validity of a
manifest against the file that it was created from. It performs the
same function as calling CDSA_FileValidate programmatically, but
from a stand-alone program.
SYNOPSIS
$ CDSA$VALIDATE filename
OPTIONS
filename
The full file specification of the file for which the manifest was
created. Currently, the filename must be a Windows style path in
order to be compatible with CDSA. The name of the manifest that
is the digital signature of 'filename' is calculated from the
target filename. The manifest has a file extension of "*.<ext>_ESW"
where <ext> is the extension of the target file.
EXAMPLE
$ @sys$manager:cdsa$symbols
$ validate /user1/mydirectory/foobar.pcsi
RETURNS
CDSA$VALIDATE returns SS$_NORMAL for success and 0 if the validation
fails or an error occurs.
10 – CDSA FileValidate
NAME
CDSA_FileValidate - Validate a manifest file against its target file
SYNOPSIS
#include <cssm.h>
int CDSA_FileValidate( char *target_file,
CSSM_RETURN *CDSA_Ret_Status );
LIBRARY
Common Security Services Manager library (CDSA$INCSSM300_SHR.EXE)
PARAMETERS
target_file (input) The full filespec of the file to be validated.
CDSA_Ret_Status (output) A CDSA status code. If non-zero, the status
may be decoded using the routine
Decode_CDSA_Error.
DESCRIPTION
This routine validates a target file using the associated manifest file.
It is the callable equivalent of CDSA$VALIDATE.EXE.
RETURN VALUE
VMS_Success or VMS_Failure
ERRORS
Errors are described in the CDSA technical standard. See CDSA.
CSSM_OK
CSSM_ERRCODE_SELF_CHECK_FAILED
CSSMERR_SD_NO_TARGETFILE
CSSMERR_SD_NO_MANIFESTFILE
CSSM_ERRCODE_MEMORY_ERROR
CSSMERR_SD_MANIFESTFILE_OPEN_FAILED
CSSMERR_SD_MANIFESTFILE_READ_FAILED
CSSMERR_SD_TARGETFILE_STRING_NOT_FOUND
CSSMERR_SD_TARGETFILE_TERMINATOR_NOT_FOUND
11 – Decode CDSA Error
NAME
Decode_CDSA_Error - Turn a CDSA error code into the corresponding message
SYNOPSIS
#include <cssmerr.h>
void Decode_CDSA_Error( CSSM_RETURN Error_Code,
char *Error_Label_String,
char *Error_String);
LIBRARY
Common Security Services Manager library (CDSA$INCSSM300_SHR.EXE)
PARAMETERS
Error_Code (input) The numeric error code returned by CDSA
routines.
Error_Label_String (output) The string representing the error code
itself.
Error_String (output) The string describing the error.
DESCRIPTION
This routine converts a numeric CDSA error code into two strings.
Error_Label_String is a string representing the error that can be used
in error-checking code. Error_String is a description of the error.
RETURN VALUE
None
ERRORS
None
12 – Print CDSA Error
NAME
Print_CDSA_Error - Output the CDSA error strings to SYS$OUTPUT
SYNOPSIS
#include <cssmerr.h>
void Print_CDSA_Error( CSSM_RETURN Error_Code);
LIBRARY
Common Security Services Manager library (CDSA$INCSSM300_SHR.EXE)
PARAMETERS
Error_Code (input) The numeric error code returned by CDSA
routines.
DESCRIPTION
This routine outputs the strings returned by Decode_CDSA_Error to
SYS$OUTPUT. It provides a simple way to report CDSA errors from a user
program.
RETURN VALUE
None
ERRORS
None
13 – Human Recognition Service (HRS)
CDSA/HRS (Common Data Security Architecture/Human Recognition Service)
is a CSSM (Common Security Services Manager) EMM (Elective Module
Manager). It is intended to provide a high-level generic
authentication model, suited to use for any form of human
authentication. The design places particular emphasis on its
suitability for authentication using biometric technology. It covers
the basic functions of Enrollment, Verification, and Identification,
and includes a database interface to allow a biometric service
provider (BSP) to manage the identification population for optimum
performance. It also provides primitives that allow the application
to manage the capture of samples on a client, and Enrollment,
Verification, and Identification on a server. The HRS is designed for
use by both application developers and biometric technology
developers. To make the integration of the technology as
straightforward and simple as possible (thus enhancing its commercial
viability), the approach taken is to hide or encapsulate, to the
extent possible, the complexities of the biometric technology. This
approach also serves to extend the generality of the interface to
address a larger set of potential biometric technologies and
applications.
14 – CDSA V2 New Features
New Features in CDSA V2.2
- Full support for Secure Delivery, a mechanism used to produce and
validate digital signatures for PCSI kits to be installed on OpenVMS.
- Version 0.9.7E of the OpenSSL crypto routines.
New features in CDSA V2.1
- The ability to use CDSA$SIGN.EXE to create manifests for generic
files, rather than just executable files.
- CDSA$VALIDATE.EXE, which allows checking a generic manifest
against the file for which it was created. Also available is
the new routine CDSA_FileValidate, which can be called
programmatically to perform the same function.
- Version 0.9.7D of the OpenSSL crypto routines.
New features in CDSA V2.0
- The tools to let application developers create certificates and
sign their applications and optionally participate in bilateral
authentication with CSSM.
- The tools to allow developers to create new plug-in modules
written for an existing category of service, and to have the
modules participate in bilateral authentication with CSSM.
- The tools to allow developers to create new categories of
service and write plug-in modules to the new interface (and
participate in bilateral authentication with CSSM).
- New example programs to demonstrate the steps for writing
and signing applications and plugin modules.
- Version 0.9.6G of the OpenSSL crypto routines.