RSA Security 4.3 manual Overview of a Crypto-CHardware Application

Overview of a Crypto-C Hardware Application

Overview of a Crypto-C Hardware Application

Creating a Crypto-C application that can use Intel’s security hardware features is similar to creating any Crypto-C application. If you are not familiar with Crypto-C, you may wish to consult the introductory example in Chapter 1 of the Crypto-C User’s Guide. For an application that will use hardware, the following differences should be noted:

Additional algorithm info types (AIs). Crypto-C provides some AIs that are designed to work only with hardware. These AIs extend the functionality of the Crypto-C application when the compatible hardware is present.

Additional algorithm methods (AMs). Recall that the AIs are merely the vessels that are used to set up the Crypto-C programming interface. The algorithm methods (AMs) do the actual work. In a software-only application, these methods are all part of the Crypto-C library. For a hardware-aware application, Crypto-C makes available additional methods that can be used to access the hardware.

Changes to the chooser structure. The chooser specifies the algorithm methods an application can use. In order to make your application as flexible as possible, and give you access to hardware from multiple vendors, Crypto-C extends the chooser model for hardware-aware applications. In this case, you create two choosers: a chooser that contains the methods built into Crypto-C, including any Crypto-C hardware-aware methods you need, and a second hardware chooser, that lists the methods supplied by the manufacturer, such as Intel, of the hardware you wish to use. Then you must call the function B_CreateSessionChooser to combine these two choosers and actively associate the manufacturer’s method with the generic method supplied in Crypto-C. This created chooser can be used wherever you would have used the standard chooser in Crypto-C.