Using Cryptographic Hardware
134 RSA BSAFE Crypto-C Developers Guide
PKCS #11 Support
PKCS #11 support has been added to Crypto-C v5.1. The B_CreateHardwareChooser
routine allows you to create a new algorithm chooser from an existing chooser.
It uses the hwInfoType to determine which of the AM's in the currentChooser are
to be supplemented with hardware functionality, then uses this information to
create a new AM. The routine then creates a new chooser that contains all the
AM's in currentChooser plus any new AM's created. If the user passes in
swReplacements, and the function is unable to create the hardware versions of
the methods, the software versions will be used instead. The new chooser is
deposited at the address specified by newChooser.

The call to the B_CreateHardwareChooser routine will create a brand new chooser. It
will contain all the AM's in the original chooser, plus the new ones created. If the
function cannot create a hardware version of the desired AM, it will find a software
version in RSA_GEN_SW_CHOOSER. If the software chooser is NULL_PTR or does not
contain an AM that can be used as a replacement for the desired hardware AM, the
function will return an error. To see what was actually used (hardware or software),
check the device field of the input info structure.
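
/* Chooser listing the methods to obtain from the PKCS #11 device. */
B_ALGORITHM_METHOD *RSA_GEN_HW_CHOOSER[] = {
  &AM_PKCS11_RSA_KEY_GEN,
  (B_ALGORITHM_METHOD *)NULL_PTR
};

/* Software replacements, used if a hardware method cannot be created. */
B_ALGORITHM_METHOD *RSA_GEN_SW_CHOOSER[] = {
  &AM_RSA_KEY_GEN,
  (B_ALGORITHM_METHOD *)NULL_PTR
};

/* Receives the newly created chooser. */
B_ALGORITHM_CHOOSER hwChooser = (B_ALGORITHM_CHOOSER)NULL_PTR;

/* This fragment assumes status, rsaGen and p11Session are declared and
   initialized by the surrounding code, and that it sits inside a block
   that break can leave on error. */
if ((status = B_CreateHardwareChooser
     (RSA_GEN_HW_CHOOSER, &hwChooser, RSA_GEN_SW_CHOOSER,
      HI_PKCS11Session, (POINTER)&p11Session)) != 0)
  break;

if ((status = B_GenerateInit
     (rsaGen, hwChooser, (A_SURRENDER_CTX *)NULL_PTR)) != 0)
  break;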
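
The fallback rule described above means a zero status does not by itself show that the hardware method was used. The following is an added example, not code from the Crypto-C guide or library: a simplified, self-contained model of that rule with a caller that fails closed when software was substituted. METHOD, SESSION_INFO, create_hw_chooser, require_hardware, the token_ok and used_hardware fields and the return codes are all hypothetical stand-ins, and the sample choosers are constructed.

```c
#include <stdlib.h>
#include <string.h>
/* Stand-in types for this model only; they are NOT Crypto-C's definitions. */
typedef struct { const char *alg; int hardware; } METHOD;
/* token_ok: constructed input; used_hardware: plays the "device" field role. */
typedef struct { int token_ok; int used_hardware; } SESSION_INFO;

const METHOD HW_GEN = { "RSA_KEY_GEN", 1 }, SW_GEN = { "RSA_KEY_GEN", 0 };
const METHOD *HW_CHOOSER[] = { &HW_GEN, NULL };  /* NULL-terminated, as on the page */
const METHOD *SW_CHOOSER[] = { &SW_GEN, NULL };

/* Build a new chooser from cur. 0 = ok, 1 = out of memory,
   2 = a hardware method was unavailable and sw held no replacement. */
int create_hw_chooser(const METHOD **cur, const METHOD ***out,
                      const METHOD **sw, SESSION_INFO *info)
{
    size_t n = 0;
    while (cur[n] != NULL) n++;
    const METHOD **res = calloc(n + 1, sizeof *res);
    if (res == NULL) return 1;
    info->used_hardware = 0;
    for (size_t i = 0; i < n; i++) {
        const METHOD *m = cur[i];
        if (m->hardware && info->token_ok) {
            info->used_hardware = 1;
        } else if (m->hardware) {               /* fall back to software */
            const METHOD *rep = NULL;
            for (size_t j = 0; sw != NULL && sw[j] != NULL; j++)
                if (strcmp(sw[j]->alg, m->alg) == 0) { rep = sw[j]; break; }
            if (rep == NULL) { free(res); return 2; }
            m = rep;
        }
        res[i] = m;
    }
    *out = res;
    return 0;
}

/* Fail closed: 0 only if hardware was really used; 3 = software fallback. */
int require_hardware(int token_ok, const METHOD **sw)
{
    SESSION_INFO info = { token_ok, 0 };
    const METHOD **chooser = NULL;
    int status = create_hw_chooser(HW_CHOOSER, &chooser, sw, &info);
    if (status != 0) return status;
    free(chooser);
    return info.used_hardware ? 0 : 3;
}

int main(void) { return require_hardware(1, SW_CHOOSER); }
```

In the model, the second case (token unavailable, software chooser supplied) succeeds at the chooser level and is only caught by the explicit check of the device-style field.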