Method and apparatus for managing keys for cryptographic operations
First Claim
Patent Images
1. A method in data processing system for performing an operation using a key comprising;
- receiving a call from an application to perform the operation using the key;
in response to receiving the call, automatically identifying a routine to perform the operation;
in response to receiving the call, automatically identifying a keystore containing the key;
creating a data structure used by the routine to execute the operation, wherein the data structure includes parameters of the call received from the application;
sending the data structure to the routine, wherein the routine and the keystore are identified using the data structure.
1 Assignment
0 Petitions
Accused Products
Abstract
A cryptographic system for use in a data processing system. The system includes a security layer and a plurality of cryptographic routines, wherein the plurality of cryptographic routines are accessed through the security layer. Also included is a keystore and a keystore application program interface layer coupled to the security layer. The keystore application program interface layer receives a call from an application to perform a cryptographic operation, identifies a routine, calls the routine to perform the cryptographic operation, receives a result from the routine, and returns the result to the application.
61 Citations
24 Claims
-
1. A method in data processing system for performing an operation using a key comprising;
-
receiving a call from an application to perform the operation using the key;
in response to receiving the call, automatically identifying a routine to perform the operation;
in response to receiving the call, automatically identifying a keystore containing the key;
creating a data structure used by the routine to execute the operation, wherein the data structure includes parameters of the call received from the application;
sending the data structure to the routine, wherein the routine and the keystore are identified using the data structure. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
-
-
9. A cryptographic system for use in a data processing system comprising:
-
a security layer;
a plurality of cryptographic routines, wherein the plurality of cryptographic routines are access through the security layer;
a keystore; and
a keystore application program interface layer coupled to the security layer, wherein the keystore application program interface layer receives a call from an application to perform a cryptographic operation, in response to receiving the call automatically identifies a routine, calls the routine to perform the cryptographic operation, receives a result from the routine, and returns the result to the application, wherein the routine uses a data structure that includes parameters of the call received from the application to execute the operation, and wherein the routine and the keystore are identified using the data structure. - View Dependent Claims (10, 11, 12, 13, 14, 15)
-
-
16. A data processing system for performing an operation using a key comprising;
-
receiving means for receiving a call from an application to perform the operation using the key;
in response to receiving the call, first identifying means for automatically identifying a routine to perform the operation;
in response to receiving the call, second identifying means for automatically identifying a keystore containing the key;
creating means for creating a data structure used by the routine to execute the operation, wherein the data structure includes parameter of the call received from the application;
sending means for sending the data structure to the routine, wherein the routine and the keystore are identified using the data structure. - View Dependent Claims (17, 18, 19, 20, 21, 22, 23)
-
-
24. A computer program product in a computer readable medium for performing an operation using a key, the computer program product comprising;
-
first instructions for receiving a call from an application to perform the operation using the key;
in response to receiving the call, second instructions for automatically identifying a routine to perform the operation;
in response to receiving the call, third instructions for automatically identifying a keystore containing the key;
fourth instructions for creating a data structure used by the routine to execute the operation, wherein the data structure includes parameters of the call received from the application;
fifth instructions for sending the data structure to the routine, wherein the routine and the keystore are identified using the data structure.
-
Specification