HP Open Source Security for OpenVMS Volume 1: Common Data Security Architecture > Chapter 3 Secure Delivery

Validating Files and Authenticating Signers


The objective of validation is to determine the authenticity of the signer and the contents of the target file. These tasks are just two of the many pieces of functionality that CDSA uses to perform bilateral authentication of the calling and called programs. Secure Delivery performs both authentication and validation.

CDSA performs file validation in two ways:

Validation Examples

The following two examples illustrate CDSA file validation. The first example validates a file called HP-AXPVMS-KERBEROS-V0200-6-1.PCSI$COMPRESSED and its associated manifest HP-AXPVMS-KERBEROS-V0200-6-1.PCSI _ESW.

$ VALIDATE :== $SYS$SYSTEM:CDSA$VALIDATE.EXE ! see SYS$MANAGER:CDSA$SYMBOLS.COM
$ VALIDATE /SYS$KIT/KERBEROS/HP-AXPVMS-KERBEROS-V0200-6-1.PCSI$COMPRESSED
Validation of /SYS$KIT/KERBEROS/HP-AXPVMS-KERBEROS-V0200-6-1.PCSI$COMPRESSED SUCCEEDED.

In the next example the same validation is attempted but the certificate used to create the manifest is revoked.

$ VALIDATE /SYS$KIT/KERBEROS/HP-AXPVMS-KERBEROS-V0200-6-1.PCSI$COMPRESSED
validation of /SYS$KIT/KERBEROS/HP-AXPVMS-KERBEROS-V0200-6-1.PCSI$COMPRESSED FAILED.
Error: CSSMERR_TP_CERT_REVOKED
Certificate has been revoked
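
The following Python code is an added example, not part of the HP documentation. It reads captured CDSA$VALIDATE.EXE output in the format of the two sessions above and decides whether a kit may be installed, failing closed when no verdict line is present. The function and variable names are hypothetical, the sample transcripts are copied from the sessions above, and it is an assumption that the utility's output always has this shape.

```python
import re
from dataclasses import dataclass
from typing import Optional

# Verdict line as printed in the sessions above. One session prints
# "Validation", the other "validation", so the match is case-insensitive.
VERDICT = re.compile(r"^validation of (?P<path>\S+) (?P<result>SUCCEEDED|FAILED)\.$", re.I)
ERROR = re.compile(r"^Error:\s*(?P<code>\S+)$")

@dataclass
class Verdict:
    path: str
    ok: bool
    error_code: Optional[str] = None   # e.g. CSSMERR_TP_CERT_REVOKED
    detail: Optional[str] = None       # text on the line after the error code

def parse_validate_output(text):
    """Return one Verdict per verdict line found in captured output."""
    lines = [ln.strip() for ln in text.splitlines()]
    verdicts = []
    for i, line in enumerate(lines):
        m = VERDICT.match(line)
        if not m:
            continue
        v = Verdict(m["path"], m["result"].upper() == "SUCCEEDED")
        # On failure, the next two lines carry the CSSM error and its description.
        if not v.ok and i + 1 < len(lines):
            e = ERROR.match(lines[i + 1])
            if e:
                v.error_code = e["code"]
                if i + 2 < len(lines) and lines[i + 2] and not lines[i + 2].startswith("$"):
                    v.detail = lines[i + 2]
        verdicts.append(v)
    return verdicts

def kit_is_trusted(text, path):
    """Fail closed: trust only if a verdict for path exists and none of them failed."""
    hits = [v for v in parse_validate_output(text) if v.path == path]
    return bool(hits) and all(v.ok for v in hits)

# Sample transcripts copied from the two sessions above.
KIT = "/SYS$KIT/KERBEROS/HP-AXPVMS-KERBEROS-V0200-6-1.PCSI$COMPRESSED"
SAMPLE_OK = f"$ VALIDATE {KIT}\nValidation of {KIT} SUCCEEDED.\n"
SAMPLE_REVOKED = (f"$ VALIDATE {KIT}\nvalidation of {KIT} FAILED.\n"
                  "Error: CSSMERR_TP_CERT_REVOKED\nCertificate has been revoked\n")

if __name__ == "__main__":
    for name, sample in (("ok", SAMPLE_OK), ("revoked", SAMPLE_REVOKED)):
        print(name, kit_is_trusted(sample, KIT), parse_validate_output(sample))
```

Empty or truncated output yields no verdict and is treated as untrusted, so a crashed or skipped validation step cannot be mistaken for success.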

The CDSA$VALIDATE_LIBSHR.EXE File

Applications that validate files programmatically do not need to call CDSA$VALIDATE.EXE. Applications that link directly with CDSA$VALIDATE_LIBSHR.EXE can call the routine CDSA_FileValidate for their validation needs. CDSA_FileValidate returns an OpenVMS-style status: SS$_NORMAL indicates success and 0 indicates failure. In addition, if the CDSA_Ret_Status argument passed in is not NULL, a CDSA return status is assigned through that address. The calling application must allocate and deallocate the memory for CDSA_Ret_Status. Currently, the target file must be passed in as a UNIX-style path name, as with CDSA$VALIDATE.EXE.

For the validation process to succeed, the latest signed CRL published by the CA must be in the CDSA$SYSDIR:[CRL] directory. This file is CDSA$SECURE_DELIVERY.S_CRL; it is used to make sure that the manifest file was not signed by a certificate that has already been revoked.

For more information, see the API “CDSA_FileValidate” on page 73.