Common Data Security Architecture (CDSA) White Paper
Validating the CSP Credentials
Certificate 2’s public key, and so on.
Figure | Verifying a Certificate Chain | |
Certificate 0 |
|
|
Issuer: Root Issuer | Certificate 1 | |
Subject: Root Issuer | Issuer: Root Issuer | |
Root Public Key | Subject: Issuer A | |
|
| |
DSA Signature
Public Key
Certificate 2 |
| |
Issuer: Issuer A | Certificate 3 | |
Subject: Issuer B | ||
DSA Signature | Issuer: Issuer B | |
Public Key | ||
Subject: Signer | ||
| ||
| DSA Signature | |
| Public Key |
The Validation Sequence
The validation process is comprised of three phases:
•Integrity check by the CSSM of the CSP shared library prior to loading
•
•Bilateral authentication check of the CSSM by the CSP
NOTE | The CSP |
| duplicate cryptographic functions for validating DSA signatures and |
| calculating |
| of the HP CDSA Framework. |
|
|
CSP shared libraries are validated in the order they are loaded by the CDSA application user.
66 | Chapter 1 |
