Filter
Top Products
CCA Release 2.54
Fifth Edition, CCA Support Program, Release 2.30
The fifth edition of the IBM 4758 CCA Basic Services Reference and Guide Version
2.30 for the IBM 4758 Models 002 and 023 technology and describes the Common
Cryptographic Architecture (CCA) application programming interface (API) that is
supported by the CCA Support Program, Release 2.30, for the IBM PCI
Cryptographic Coprocessor technology.
These items have been changed, extended, or added in Release 2.30:
1. Formal support for AIX and Windows 2000
2. Under application programming control, multiple Coprocessors can be used to
implement the CCA. The implementation extends the function previously
available on the IBM OS/400 platform. See the discussion and these verbs:
“Multi-Coprocessor Capability” on page 2-10
Cryptographic_Resource_Allocate (CSUACRA, page 2-44)
Cryptographic_Resource_Deallocate (CSUACRD, page 2-46).
Note: IBM has limited objectives for the support provided in Release 2.30.
The approach to multiple-Coprocessor support may be revised in a subsequent
release, possibly with changes to the API provided in the current release.
3. Added verb Random_Number_Tests (CSUARNT, page 2-46) so that you can
test the random number generator and to cause the Coprocessor to run the
FIPS-mandated known-answer tests.
4. Extended these verbs with ANSI X9.31 capabilities:
Digital_Signature_Generate (CSNDDSG, page 4-4)
Digital_Signature_Verify (CSNDDSV, page 4-7).
5. Added support of the RIPEMD160 algorithm. See verb One_Way_Hash
(CSNBOWH, page 4-13).
Also modified the verb to employ the Coprocessor's SHA-1 engine when
calculating the SHA-1 hash for longer text strings.
6. Added support of the IBM DES-based MDC-2 and MDC-4 hashing processes.
See the MDC_Generate (CSNBMDG, page 4-10) verb.
7. Added additional diversified key support and supporting key types. See verb
Diversified_Key_Generate (CSNBDKG, page 5-35), and the related descriptions
of key types and control vectors at “Key-Usage Restrictions” on page 5-6 and
Appendix C, “CCA Control-Vector Definitions and Key Encryption.”
Also extended these verbs to support the additional DKYGENKY and SECMSG
key types:
Control_Vector_Generate (CSNBCVG, page 5-24)
Key_Token_Build (CSNBKTB, page 5-61)
Key_Token_Parse (CSNBKTP, page 5-66).
8. Added support for generating and validating the American Express card
security codes (CSC) with the Transaction_Validation (CSNBTRV, page 8-75)
verb.
About This Publication xxi