HP Open Source Security for OpenVMS, Volume 1 Common Data

This document, "HP Open Source Security for OpenVMS Volume 1: Common Data Security Architecture," published in July 2006, serves as a guide for application developers. It describes the Common Data Security Architecture (CDSA) Version 2.2 for OpenVMS (compatible with I64 Version 8.2+ and Alpha Version 7.3-2+), which is based on Intel's CDSA V2.0 Open Source implementation.

The manual covers:

• CDSA Overview: Its layered architecture, key components like the Common Security Services Manager (CSSM), various Service Provider Modules (Cryptographic, Trust Policy, Authorization Computation, Certificate Library, Data Storage Library), Elective Module Managers (EMMs), and Module Directory Services (MDS), along with mechanisms for maintaining CDSA integrity (self-check, bilateral authentication, secure linkage).
• Installation and Initialization: Detailed instructions for installing and configuring CDSA 2.2 on various OpenVMS versions.
• Secure Delivery: A new feature in CDSA 2.2 that enables digital signatures for files and associated manifests to ensure authenticity and integrity, including procedures for creating, revoking, and validating manifests.
• Utility Programs: Descriptions and examples for command-line utilities such as certificate generation, module installation, error reporting, signing, validation, and certificate manipulation.
• Programming Concepts: Guidance for developers on writing, compiling, linking, signing, and deploying CDSA applications and add-in modules, including example programs for various cryptographic operations and module types.
• API Reference: Extensive reference sections for CDSA, EMM, and Human Recognition Service (HRS) API functions.

The document is intended for developers with a basic understanding of cryptography and CDSA concepts.