IBM 2 Computer Hardware User Manual


 
CCA Release 2.54
The Security API, Programming Fundamentals
You obtain CCA cryptographic services from the PCI Cryptographic Coprocessor
through procedure calls to the CCA security application programming interface
(API). Most of the services provided are considered an implementation of the IBM
Common Cryptographic Architecture (CCA). Most of the extensions that differ from
other IBM CCA implementations are in the area of the access-control services. If
your application program will be used with other CCA products, you should
compare the other-product literature for differences.
Your application program requests a service through the security API by using a
procedure call for a verb.[4] The procedure call for a verb uses the standard syntax
of a programming language, including the entry-point name of the verb, the
parameters of the verb, and the variables for the parameters. Each verb has an
entry-point name and a fixed-length parameter list. See the first page of each of
the following chapters to learn what verbs are provided.
The security API is designed for use with high-level languages, such as C, COBOL
(OS/400), or RPG (OS/400), and for low-level languages, such as assembler. It is
also designed to enable you to use the same verb entry-point names and variables
in the various supported environments. Therefore, application code that you write
for use in one environment generally can be ported to additional environments with
minimal change.
Verbs, Variables, and Parameters
This section explains how each verb (service) is described in the reference material
and provides an explanation of the characteristics of the security API.
Each callable service, or verb, has an entry-point name and a fixed-length
parameter list. The reference material describes each verb and includes the
following information for each verb:
Pseudonym
Entry-point name
Supported environment(s)
Description
Restrictions
Format
Parameters
Hardware command requirements.
Pseudonym and Entry-Point Name: Each verb has a pseudonym
(general-language name) and an entry-point name (computer-language name).
The entry-point name is used in your program to call the verb. Each verb's
entry-point name begins with one of the following:
CSNB Generally the DES services
CSND RSA public-key services (PKA96)
[4] The term verb implies an action that an application program can initiate; other systems and publications might use the term
callable service instead of verb.
1-8 IBM 4758 CCA Basic Services, Release 2.54, February 2005