Common Data Security Architecture (CDSA) White Paper
Certificate Library Services (CL) API
CL_PassThrough function in the CL. The CL interprets the input parameters to enable the appropriate operation to be performed.
NOTE | Certificate and CRL operations initiated by an application are performed |
| with APIs whose names have the form CSSM_CL_*(). |
| Other interfaces, whose names have the form CL_*() are intended for use |
| by |
| the CL module. |
|
|
Interaction between CSSM and Certificate Library Interface
CSSM provides the
The CSSM module information files (located in /var/cdsa/cssm) contain specifications of
The Certificate Library Interface (CLI) works with the CSSM APIs to make CL functions available to applications. CL functions perform syntactic operations (including creation, field management, signing, and verification, as well as extensibility operations and module management) on certificates and CRLs, so that applications may focus on the use of certificates rather than the mechanics of format manipulation.
Operations on Certificates
CSSM provides the
•Certificate operations
•Certificate revocation list (CRL) operations
•Extensibility functions.
The CSSM module information files contain specifications of CL supported functions. The application can obtain and use this information.
Certificate Library Interface
The Certificate Library Interface (CLI) specifies the CL functions available to applications via CSSM to support certificate and certificate revocation list (CRL) formats. These functions work with the CSSM APIs to perform certificate operations, certificate revocation list operations, extensibility functions, and module management functions.
Chapter 1 | 37 |
