WHITE PAPER
The Technology in CodeMeter Certificate Vault
CodeMeter Certificate Vault can be easily integrated into existing environments via a choice of standard APIs . The most straightforward option is using the CodeMeter Certificate Vault library , a complete , selfcontained instance of CodeMeter Certificate Vault , for the chosen interface . All that is needed additionally is a CmDongle with the certificates and keys . The components needed for communicating with that dongle are also already included , as the library can access an integrated CodeMeter Embedded stack for that purpose or alternatively use the integrated runtime bridge to contact the local CodeMeter Runtime .
PKCS # 11 OpenSSL KSP
Application Application
Application
Certificate Vault PKCS # 11 Library
CmEmbedded
CmRuntime
OpenSSL
Certificate Vault OpenSSL Library
CmEmbedded
CmRuntime
Microsoft Key Storage Provider
Certificate Vault Microsoft KSP
CmEmbedded
CmRuntime
Standard Interfaces
These interfaces are commonly used for secure communication and go in-between CodeMeter Certificate Vault and the secure certificate and key handling .
All three interfaces can be used separately or in combination .
PKCS # 11 Library
Public Key Cryptography Standards ( PKCS ) covers a group of cryptographic standards and specifications developed and published by RSA Security Inc . The most prominent member is the RSA algorithm , used since the 1990s for asymmetric cryptography . It is the basis for the X . 509 certificates used with CodeMeter Certificate Vault .
The PKCS # 11 standard ( aka Cryptoki ) concerns a generic programming interface ( API ) for cryptographic tokens ( components ) like hardware security modules or smart cards . The API defines and implements both cryptographic objects like digital keys or X . 509 certificates and the cryptographic operations made with those objects .
PKCS # 11 works across platforms and completely separates the application code from the specific details of the cryptographic components . All that is needed to use it and get access to the PKCS # 11 functionality is to load the CodeMeter Certificate Vault PKCS # 11 library in the application with the command LoadLibrary ().
7