Filter
Top Products
Using Cryptographic Hardware
132 RSA BSAFE Crypto-C Developer’s Guide
Using Cryptographic Hardware
Crypto-C lets you enhance the security and speed of cryptographic
operations by exploiting cryptographic hardware that supplies an interface to Crypto-
C via the BSAFE Hardware Application Programming Interface (BHAPI). Capabilities
include a hardware algorithm method for random number generation and key token
types that encapsulate RSA, DSA, and symmetric keys inside of hardware.
For an example of a hardware implementation using Crypto-C, see the Intel Security
Hardware User’s Guide, available on the Crypto-C CD.
Interfacing with a BHAPI Implementation
When you Create, Set, and Init an algorithm object in a Crypto-C software
application, you set an algorithm info type (AI) and the parameters required by that
AI. You also choose which algorithm methods to use via the software chooser. The AI
itself doesn’t perform any cryptographic operations; rather, it is used to store
information, allocate space, and to create the necessary points of contact with the
underlying Crypto-C functions. Figure 4-1 shows the relation between the algorithm
object and the Crypto-C software library.
Figure 4-1 Algorithm Object in a Software Implementation
A hardware manufacturer can associate a hardware function with a Crypto-C AM
(algorithm method) and provide these methods to the software developer. You then
access the hardware by using
B_CreateSessionChooser to create a hardware-based
chooser, for example,
FIXED_HARDWARE_CHOOSER, that lists the available required
hardware methods. This substitution is made at link time, and does not change once
Functions
Alg Object
Type (AI)
Parameters
BSAFE Software Library