The issuer utility is used to create a set of functions thatare embedded into CSSM, or are used by EISL. A CDSA applicationdeveloper needs to create only the EISL_RetrieveSelfCheckKey() function. The other functions noted here are applicableonly for CDSA vendors (in this case, HP).
This program generally is called by CDSA_SYSDIR:[SIGN]CDSA$GEN_CERTS.COM().
SYNOPSIS issueroptioncertfilecodefilefunctionname
OPTIONS
option
A code that defines the function to be created.Specify one of the following values:
-i
Creates a function that returnsan issuer name from the certificate.
-s
Creates a function that returnsa signer name from the certificate.
-k
Creates a function that returnsa trusted public key.
Note: A CDSA application developer who is creating the EISL_RetrieveSelfCheckKey() function should specify -k. The othercodes are used only by CDSA vendors who are building CDSA itselfrather than a CDSA application or service provider module.
certfile
A text file that containsthe name of the certificate to be used.
codefile
The file to which the generatedfunction is written.
functionname
Name of the function to begenerated. Note: CDSA application developers need to create onlythe EISL_RetrieveSelfCheckKey() function (the last item in the following list). Thefull set of functions is listed here to provide a complete overviewof the issuer utility. The other functions are applicable only forCDSA vendors. Those who want to learn more about export chains canrefer to the Intel Common Data Security ArchitectureManifest Signing Tools User's Guide.
cssm_GetIntegrityRootKeys() (or cssm_GetExportRootKeys() for export)
cssm_GetIntegrityRootNames() (or cssm_GetExportRootNames() for export)
EISL_RetrieveSelfCheckKey()
EXAMPLE The following example extracts the public key from the certificateintmods.cer and creates a function named EISL_RetrieveSelfCheckKey() in the file modselfkey.h.
HP Open Source Security for OpenVMS Volume 1:... 
CDSA Utility Programs
