Using verbs and applications in PCI-HSM 2016 compliance mode
Beginning with the Crypto Express6 adapter, when configured as a CCA coprocessor, such a coprocessor is capable of running in the PCI-HSM 2016 compliance mode. In order for the requirements of PCI-HSM 2016 to apply to a workload, the workload must be using compliant-tagged key tokens.
The PCI-HSM 2016 compliance mode places certain restrictions on the use of compliant-tagged key tokens. Thus, not all verbs can make use of such keys. Table 3 provides a list of PCI-HSM 2016 compliant verbs.
Furthermore, you may want to migrate applications to work in PCI-HSM 2016 compliance mode. This means, that you can adapt existing applications prior to CCA release 6.0 that exploit verbs that are now PCI-HSM 2016 compliant, to apply to PCI-HSM 2016 compliance mode. For more information, see Migrating applications to PCI-HSM 2016 compliance mode.