z/OS Open Cryptographic Services Facility Service Provider Module Developer's Guide and Reference


Module-to-Module interaction

SC14-7514-00

Modules may make use of other OCSF service provider modules to implement their functionality. For example, a module implementing a CL may use the capabilities of a CSP module to perform the cryptographic operations of sign and verify. In that case, the CL module could package the certificate or Certificate Revocation List (CRL) fields to be signed or verified, attach to the appropriate CSP module, and call CSSM_SignData or CSSM_VerifyData to perform the operation.

A second form of module-to-module interaction is subservice collaboration. For example, a Public-Key Cryptographic Standard module may require collaborating CSP and DL subservices. Collaborating subservices are assumed to share state. A module indicates that two or more subservices collaborate by assigning them the same subservice ID. When an application attaches one of the collaborating subservices, it will receive a handle that may be used to access any of the subservices having the same subservice ID. This mechanism may be used for collaboration across categories of services, but is not available within a single category of service.
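The subservice ID rule above can be checked mechanically before a module is shipped. The following C sketch is an added example, not code from the OCSF headers or from IBM: the types `svc_category` and `subservice`, the functions `validate_module` and `resolve`, and the sample tables are all hypothetical, and an attach handle is modeled simply as the subservice ID it was issued for.

```c
#include <stddef.h>
#include <stdio.h>

/* Hypothetical model types, not OCSF definitions. */
typedef enum { SVC_CSP, SVC_DL, SVC_CL } svc_category;

typedef struct {
    unsigned     subservice_id;  /* equal IDs mark collaborating subservices */
    svc_category category;
    const char  *name;
} subservice;

/* Constructed sample: CSP and DL collaborate under ID 1; the CL stands alone. */
static const subservice good_module[] = {
    {1, SVC_CSP, "token-csp"},
    {1, SVC_DL,  "token-dl"},
    {2, SVC_CL,  "x509-cl"},
};

/* Constructed sample: two CSPs share ID 1, i.e. collaboration inside one
 * category, which the text says is not available. */
static const subservice bad_module[] = {
    {1, SVC_CSP, "csp-a"},
    {1, SVC_CSP, "csp-b"},
};

/* Returns 0 when the table is consistent, -1 when two subservices of the
 * same category carry the same subservice ID. */
int validate_module(const subservice *t, size_t n) {
    for (size_t i = 0; i < n; i++)
        for (size_t j = i + 1; j < n; j++)
            if (t[i].subservice_id == t[j].subservice_id &&
                t[i].category == t[j].category)
                return -1;
    return 0;
}

/* Resolves a handle (modeled as a subservice ID) to the subservice of the
 * requested category, or NULL when the handle does not reach that category. */
const subservice *resolve(const subservice *t, size_t n,
                          unsigned handle_id, svc_category want) {
    for (size_t i = 0; i < n; i++)
        if (t[i].subservice_id == handle_id && t[i].category == want)
            return &t[i];
    return NULL;
}

int main(void) {
    const subservice *dl = resolve(good_module, 3, 1, SVC_DL);
    printf("good module valid: %d\n", validate_module(good_module, 3) == 0);
    printf("bad module valid:  %d\n", validate_module(bad_module, 2) == 0);
    printf("handle 1 reaches DL: %s\n", dl ? dl->name : "(none)");
    return 0;
}
```

Because one handle reaches every subservice with the same ID, a module that groups a CSP and a DL this way should treat both as a single trust domain when deciding what state they share.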

Subservices may make use of other products or services as part of their implementation. For example, an Open Database Connectivity (ODBC) DL subservice may make use of a commercial database product such as DB2. A CL subservice may make use of a Certificate Authority (CA) service, such as the VeriSign DigitalID Center, for filling certification requests. The encapsulation of these products and services is exposed to applications in the CSSM_XX_WRAPPEDPRODUCT_INFO data structure, which is available by querying the OCSF registry.

A module developer may provide additional utility libraries for use by other module developers. Utility libraries are software components that contain functions that may be useful to several modules. For example, a utility library that performs DER encoding might be useful to several modules providing CL services. The utility library developer is responsible for making the definition, interpretation, and usage of their library available to other module developers.





Copyright IBM Corporation 1990, 2014