libzpc - A Protected-Key Cryptographic
Library
libzpc offers APIs to exploit the high
performance of protected-key cryptography in the CPACF without the need to code assembler language. As
protected keys are volatile, libzpc provides a
mechanism to keep a protected key's effective key as a permanent secure key with the possibility to
automatically derive a new protected key whenever required.
PDF file
You can view and print this information in PDF format.
About this document
The IBM Z® Protected-Key Cryptographic Library (libzpc ) is an open-source library targeting the 64-bit Linux on IBM Z and IBM LinuxONE platforms. The implementation of the provided APIs for cryptographic operations exploits the CP Assist for Cryptographic Functions (CPACF ) of IBM Z and LinuxONE systems. Therefore, libzpc can provide the high-performance support of the CPACF feature, combined with the use of protected keys, which ensures that key material is never present in main memory at any time.
Summary of changes
Track the changes of this document for each new edition.
Concepts of IBM Z cryptographic hardware
IBM Z systems offer different types of cryptographic hardware with different features to meet a customer's cryptographic requirements.
Prerequisites for using libzpc
Before you can write applications exploiting the libzpc APIs, learn about the tasks how to build, test, install, and configure libzpc .
Programming with libzpc
This part describes important concepts that you need to know before applying the libzpc APIs in order to avoid errors.
libzpc APIs
The chapters in this part describe all available APIs of libzpc . Also, you can view sample programs for AES and ECC exploiting a selection of these APIs.