Common Data Security Architecture (CDSA) White Paper

Validating the CSP Credentials

Integrity Check prior to Loading

The integrity check performed on the CSP prior to loading ensures that the add-in shared library has not been tampered with before it is loaded. The CSSM performs this check before loading any CSP add-in module.

1. First, the signature on the signed .SF file is validated. To accomplish this, the CSSM uses the certificate chain of X.509 certificates embedded in the credential file.

2. If the chain can be validated, the public key of the validated signer's certificate is used to verify the signature of the .SF file, as shown in Figure 1-9 on page 67.

Figure 1-9: Verifying the signature on the .SF file

Inputs to the DSA verify step: the .DSA file, containing the signer's DSA signature; the signer's public key; and the .SF file, containing the hash of the data in the .MF file. If the signature verifies, the .SF file was created by the Signer. If it does not verify, the .SF file was created by an unknown entity: STOP!

3. After the signature of the .SF file is validated, a SHA-1 hash of the section in the .MF file referring to the shared library to be loaded is calculated and compared with the hash in the .SF file. This is shown in Figure 1-10.
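The following Go program is an added example, not code from the white paper or from any CDSA implementation. It replays steps 2 and 3 on a constructed manifest pair: step 1 (validating the X.509 chain) is assumed already done, so the signer's public key is taken as trusted; the DSA signature over the whole .SF is verified first, then the SHA-1 of the .MF section naming the library to be loaded is recomputed and compared with the value recorded in the .SF. The manifest layout (blank-line separated sections with Name: and SHA1-Digest: lines), the hex digest encoding, the library names and the locally generated throwaway DSA key are all assumptions made for the example.

```go
package main

import (
	"crypto/dsa"
	"crypto/rand"
	"crypto/sha1"
	"fmt"
	"math/big"
	"strings"
)

// Constructed sample .MF: one section per add-in library; the digest values are placeholders.
const sampleMF = "Manifest-Version: 1.0\n\nName: libcsp.so\nSHA1-Digest: PLACEHOLDER_LIB\n\nName: libcsp_helper.so\nSHA1-Digest: PLACEHOLDER_HELPER\n"
// lookup returns the blank-line delimited section whose first line is "Name: <name>", or "".
func lookup(manifest, name string) string {
	for _, sec := range strings.Split(strings.TrimSpace(manifest), "\n\n") {
		if strings.HasPrefix(sec, "Name: "+name+"\n") {
			return sec + "\n"
		}
	}
	return ""
}
// sectionDigest is the hex SHA-1 over one .MF section's bytes, the value the .SF records for it.
func sectionDigest(sec string) string { return fmt.Sprintf("%x", sha1.Sum([]byte(sec))) }
// signSF is what the .DSA file holds: the signer's DSA signature over the SHA-1 of the whole .SF.
func signSF(priv *dsa.PrivateKey, sf string) (r, s *big.Int, err error) {
	h := sha1.Sum([]byte(sf))
	return dsa.Sign(rand.Reader, priv, h[:])
}
// verifyCredential is steps 2 and 3: the .SF signature must verify under the signer key (trusted
// via the step-1 chain check), then the .MF section for libName must hash to the .SF's digest.
func verifyCredential(pub *dsa.PublicKey, mf, sf string, r, s *big.Int, libName string) error {
	if h := sha1.Sum([]byte(sf)); !dsa.Verify(pub, h[:], r, s) {
		return fmt.Errorf(".SF file was created by unknown entity: STOP")
	}
	mfBody := lookup(mf, libName)
	_, want, _ := strings.Cut(lookup(sf, libName), "SHA1-Digest: ")
	if mfBody == "" || strings.TrimSpace(want) != sectionDigest(mfBody) {
		return fmt.Errorf("%s: .MF section digest mismatch, library may be tampered", libName)
	}
	return nil
}
// newSignerKey makes a throwaway DSA key standing in for the key from the validated chain.
func newSignerKey() (*dsa.PrivateKey, error) {
	priv := new(dsa.PrivateKey)
	if err := dsa.GenerateParameters(&priv.Parameters, rand.Reader, dsa.L1024N160); err != nil {
		return nil, err
	}
	return priv, dsa.GenerateKey(priv, rand.Reader)
}
```

Go's crypto/dsa package is deprecated but still ships with the standard library, so the example builds without extra dependencies; 1024-bit parameter generation can take a few seconds.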

Chapter 1

67
