IBM CEX7S / 4769 library

Product documentation for the IBM CEX7S / 4769 Cryptographic Coprocessor is available in PDF format. To view a PDF document, you need the Adobe® (Adobe Systems Incorporated) Reader®. If you don't have the Reader installed, you can download a complimentary copy from Adobe (link resides outside of

Available on multiple platforms

IBM Z mainframe. The CEX7S / 4769 is available as feature code (FC) 0898 / 0899 (Crypto Express7S, or CEX7S) on IBM Z mainframes (z15® only), either on z/OS® or Linux® on IBM Z® operating systems.

On Linux on IBM Z, IBM offers a CCA API for the CEX7S and a PKCS #11 (EP11) API to the user.

x64 servers. The 4769 is available as machine type-model 4769-001 on x64 servers on Red Hat® Enterprise Linux® (RHEL) 64-bit operating systems. IBM offers a Common Cryptographic Architecture (CCA) Support Program for the IBM 4769 at no charge to the user.

IBM PCIe Cryptographic Coprocessor Version 4

CCA Support Program

The CCA Basic Services and Secure Key Solution manuals describe the capabilities of the security application programming interface (API) provided with the CCA Support Program, while the CCA Support Program manuals describe how to install CCA, use the CCA API, and use the Crypto Hardware Installation and Maintenance (CHIM) program on the workstation. Refer to the Manuals by platform table to select these manuals by platform.

Manuals by platform

IBM 4769 CCA Utilities

CCA Utilities User Guide
This guide describes the CCA utilities program shipped with CCA for the IBM 4769.

IBM 4769 PCIe Cryptographic Coprocessor CCA Utilities User Guide (PDF, 161 KB)

Enterprise PKCS #11 (EP11)

This manual describes the library structure and capabilities of the cryptographic application programming interface (API) provided with the Enterprise PKCS#11 (EP11) Library for Linux on Z.

Related products

The IBM CPACF Enablement crypto feature

The IBM Central Processor Assist for Cryptographic Functions (CPACF) feature, IBM Z feature code 3863, provides hardware acceleration for 290-960 MB/sec bulk encryption rate, AES (128, 192, 256 bit), DES (DEA, TDEA2, TDEA3), SHA-1 (160 bit), and SHA-2 (224, 256, 384, 512 bit).

The IBM Cryptographic Coprocessor Facility (CCF)

The Cryptographic Coprocessor Facility (CCF) is an optional hardware feature that provides high-performance cryptographic capabilities for z/VM®, including DES, Triple-DES, RSA, and various finance-industry-specific cryptographic services. IBM zSeries servers, except the zSeries 990, offer the CCF feature.

Standards and technology