Installed Directory on Linux
This section describes the folders and files that are installed with CADP for C in the local file system within a Linux environment. The default directory is installed in the following path:
/opt/CipherTrust/CADP_for_C/
The installed CADP_for_C directory contains the following folders:
| Folder Name | Description |
|---|---|
| certs | Contains the keys and certificates used for TLS communication. |
| include | Contains all the header files CADP for C program requires. |
| logs | Contains the CADP for C log file. |
| utilities | Contains the system utilities files including executables files. |
| wrapper | Contains .NET Core and java files. |
More information about each of these folders is provided in this section.
In addition, the following files are included within the installed directory:
| File Name | Description |
|---|---|
| CADP_CAPI.properties | This CADP for C CAPI configuration file stores the configurable parameters used to configure the CADP for C client, including parameters for the IP address or hostname of the CipherTrust Manager, server port number of the CipherTrust Manager interface, and protocol to use for communication between the client and the CipherTrust Manager. Refer to Configuring CADP for C CAPI Properties File for more information. |
| CADP_PKCS11.properties | This CADP for C PKCS#11 configuration file stores the configurable parameters used to configure the CADP for C client, including parameters for the IP address or hostname of the CipherTrust Manager, server port number of the CipherTrust Manager interface, and protocol to use for communication between the client and the CipherTrust Manager. Refer to Configuring CADP for C PKCS#11 Properties File for more information. |
| libcadp_capi.so -> libcadp_capi.so-8.14.0.00X | Library file used to implement the APIs the CADP for C CAPI supports. |
| libcadp_capi.so-8.14.0.00X | Library file used to implement the APIs the CADP for C CAPI supports. |
| libcadp_pkcs11.so -> libcadp_pkcs11.so-9.2.0.000 | library file used to implement the APIs the CADP for C PKCS#11 supports. |
| libcadp_pkcs11.so-9.2.0.000 | Library file used to implement the APIs the CADP for C PKCS#11 supports. |
| libCryptoDataUtility.so | Library file used to implement the APIs the CADP for C supports. |
| kmip_tags.csv | Defines the tag values for the objects and primitive data values used in KMIP protocol messages. The name of this file must be specified as the KMIP_Spec_File parameter in the CADP_CAPI.properties file. |
certs
The certs folder contains all the keys and certificates used for TLS communication.
Note
Ensure to protect these keys and certificate files.
include
The include folder contains the following folders and header files that CADP for C requires:
| Folder/File Name | Description |
|---|---|
| csp folder | Contains the Key Management Interoperability Protocol (KMIP) header files. Files include: kmiperr.h, kmipkeymgmttypes.h, and types.h |
| cadp_capi_crypto.h | Contains Crypto API definitions related to CADP for C API. |
| cadp_capi_err.h | Contains error and status codes for translation with the CipherTrust Manager error messages. |
| cadp_capi.h | Contains helper APIs to interact with the CipherTrust Manager. |
| cadp_capi_kmipkeymgmt.h | Contains APIs to execute the key related queries and modify attributes using the KMIP interface. |
| cadp_capi_naekeymgmt.h | Contains APIs to execute key related queries and modify attributes using the NAE interface. |
| cadp_pkcs11_cryptoki.h | Contains the top-level include directives for building Win32 Cryptoki libraries and applications. |
| cadp_pkcs11.h | Contains user-defined macros and structures used in PKCS#11. |
| cadp_pkcs11_macros.h | Contains macros required by the PKCS#11 header files. Refer to the pkcs11.h file for documentation. |
| CryptoDataUtility.h | Contains APIs for serial encryption and decryption. |
| pkcs11f.h | Contains information about all the Cryptoki function prototypes. |
| pkcs11t.h | Contains Cryptoki types and macro values. |
| pkcs11.h | Contains information about all Cryptoki function prototypes, Cryptoki types, and macro values. This file includes information covered in both pkcs11t.h and pkcs11f.h. |
logs
The logs folder contains the cadp_for_c_basic.log file, which captures the logs of the cadp_for_c_basic utility used during the installation process. However, to capture the error, warnings and informational messages the CADP for C generates, configure the log file path in the CADP_CAPI.properties or CADP_PKCS11.properties (depending on whether you are using CADP for C CAPI or CADP for C PKCS11).
utilities
The utilities folder contains the following system utilities files including executables files:
| File Name | Description |
|---|---|
| cadp_for_c_basic.conf | CADP for C basic configuration file. This file stores the configurable parameters used to configure the basic settings for CADP for C client. Refer to Modifying the CADP for C Basic Configuration File for more information. |
| cadp_for_c_basic.exe | This executable file is used for Client Certificate Renewal. |
| certDetails | This file is used for SelfSignedCertificate utility. This is applicable to windows only. |
| ClientInfoUtility | This utility allows you to view the information of the environment where the CADP for C is running. This utility displays Client Version, Build Number, OS Version, and Run Time Environment. |
| req and openssl.conf | This utility allows you to generate the client certificate request and its private key.The req and openssl.conf files are used to generate certificate requests. The req file needs to be in the same directory as openssl.conf to run. You can generate an RSA key and a client certificate request using the following command: req -out clientreq -newkey rsa:1024 -keyout clientkey, where clientreq is the name of the certificate request being created, and clientkey is the name of the private key associated with the certificate request. |
| PassPhraseSecure | This command-line utility allows you to obfuscate the passphrase (in hex dump format) and store it in the Passphrase parameter in the properties file. This properties file is either the CADP_CAPI.properties or CADP_PKCS11.properties (depending on whether you are using CADP for C CAPI or CADP for C PKCS11). If you plan to use external CA configuraion, then also you can obfuscate the Passphrase using this utility. For detailed information, refer Securing Passphrase. |
| req | This utility allows you to generate the client certificate request and its private key. |
| RSAEncryptionUtility | This utility allows you to encrypt multiple data from an input file using the RSA algorithm and store the encrypted data in an output file. You provide the file names for both the input and output data. For detailed information, refer RSAEncryptionUtility under Utillities. |
wrapper
The wrapper folder contains the following folders:
| Folder Name | Description |
|---|---|
| .NET Core | Contains the Pkcs11Interop.dll, which is a managed library written in C# that allows you to use the PKCS#11 API in a .NET environment. Refer to About the Pkcs11Interop Library for .NetCore for more information. Refer to Github for .Net Core samples and Readme file. |
| java | Contains the cadp-pkcs11-wrapper-2.0.jar file. This file is a PKCS#11 wrapper, which exposes the complete set of PKCS#11 functionality CADP for C supports and allows you to use the PKCS#11 API in a Java environment. Refer to Github for Java samples and Readme file. |
