Common Data Security Architecture (CDSA) White Paper

Cryptography Service Provider (CSP) API

Interaction between CSP and Applications

The application selects a CSP and requests CSSM to attach to it. The CSSM returns a CSP handle to the application that uniquely identifies the pairing of the application thread to the CSP module instance. This handle is used by the application to identify the CSP in the future.

The application establishes a “session,” a framework in which the CSP will perform cryptographic operations.

The application creates an operation “context,” which must exist prior to starting CSP operations and is deleted as soon as possible upon completion of the operation.

Depending on the class of cryptographic operations, individualized attributes are available for the cryptographic context.

When creating the context, the application specifies an algorithm and may also initialize a session key, pass an initialization vector and/or pass padding information to complete the description of the session.

A successful return value from the create function to the application indicates the desired CSP is available. Functions are also provided to manage the created context.

All cryptographic services requested by applications are channeled to the CSP via the CSSM. The CSP uses the CSSM module information files and query mechanism for disclosing detailed information about its cryptographic services to the application. For example, a CSP may register with the CSSM:

Encryption is supported. The algorithms present are RC2 with cipher block chaining for key sizes 40 and 56 bits.

During the session, the CSP may perform cryptographic operations such as encryption, decryption, digital signaturing, key and key-pair generation, random number generation, message digest, key wrapping, key unwrapping, and key exchange. Cryptographic services can be implemented by an add-in module of hardware and software or by software alone.

Cryptographic operations might take place:

as a single call to perform an operation and obtain a result.

as a sequence of calls, starting with an initialization call, followed by one or more update calls, and ending with a completion (final) call. Usually, the result is available after the final function completes its execution. Staged encryption/decryption are an exception, in that each update call generates a portion of the result.

The CSP is responsible for the secure storage of private keys created during a CSP session. Context information is not persistent; it is not saved permanently in a file or database.

When a context is no longer required, the application calls CSSM_DeleteContext to delete the session’s context information. Resources that were allocated for that context can be reclaimed

26

Chapter 1

Page 26
Image 26
HP UX Security Products and Features Software manual Interaction between CSP and Applications