CryptoCards - CCA sample code

IBM Systems cryptographic HSMs

IBM sample programs

CCA sample programs

IBM provides a Common Cryptographic Architecture (CCA) for its hardware security modules (HSMs) that includes an application programming interface (API) which is intended for systems analysts, applications analysts, and application programmers to evaluate or create programs that employ the CCA API. Users of the CCA API should refer to the manuals that are also available on the Library page for the IBM 4767.

Note: Linux® on IBM Z® users should refer to the Secure Key Solution with the Common Cryptographic Architecture: Application Programmer's Guide, which is also available on the Library page.

IBM provides the following sample programs as examples of how to use and code a subset of the CCA API for the IBM HSMs. These samples target the IBM 4767.

4767 CCA sample programs

EP11 sample program

IBM provides the following example EP11 application illustrating the use of the host library for setup and dispatch of requests to a CryptoExpress adapter.

IBM EP11 sample program

CCA sample programs

Source files tarball

Source files

Provides a tar archive of all the CCA sample source files to simplify downloading of samples.

Source files:

Source file tarball (TAR, 809 KB)

makefile

Makefiles

Compile and link a sample program.

Source files:

Windows makefile

Access control system

Access control system

Initialize one or more roles; query and list defined roles.

Source files:

Initialiation source

Query / list source

DES encipher / decipher

AES encipher / decipher

Generate a random AES key and use the key to encipher and decipher some data.

Source files:

DES encipher / decipher

DES encipher / decipher

Generate a random DES key and use the key to encipher and decipher some data.

Source files:

Calculate / verify MAC

Calculate / verify MAC

Generate a random HMAC key, then calculate and verify a MAC on a predetermined string of data.

Source files:

Generate / verify digital signature

Generate / verify digital signature

Generate a random RSA public/private key pair, then use that key pair to sign and verify some sample data.

Source files:

Signature source

Signature header

Set up a CCA node

Set up a CCA node

Set up a CCA node for use as a development and test platform using various CCA API calls.

Source files:

TR-31 export / import

TR-31 export / import

Export a DES key that is in a CCA key-token into a TR-31 key-token and import that DES key from the TR-31 key-token back into a CCA key-token.

Source files:

PIN operations

PIN operations

Generate a random HMAC key, then calculate and verify a MAC on a predetermined string of data.

Source files:

Performance

Performance

Test performance of various CCA verbs.

Source files:

Perf script (SH, 15 KB)

Follow us

Visit us on Facebook Visit us on Twitter Visit us on LinkedIn Visit us on blog Visit us on YouTube