RPG and CL Developer Solutions

Encryption and Key Management for Compliance

A variety of compliance regulations now require that organizations deploy standards-based encryption and separate encryption keys from the data that they protect. For IBM i (AS/400, iSeries, System i) RPG developers this means storing encryption keys on an external appliance designed for this purpose, and securely retrieving encryption keys in RPG applications as they are needed for encryption and decryption tasks. Alliance AES Encryption APIs for the IBM i platform provide NIST-certified AES encryption, and Alliance Key Manager provides an affordable solution that meets all compliance regulations for the secure creation, management, storage, and distribution of encryption keys to RPG applications. Alliance Key Manager is FIPS 140-2 certified (certificate number 1449) and is perfect for use with RPG applications.

Encryption can be a challenge for RPG developers. The Alliance AES Encryption software for the IBM i platform provides the RPG developer a way to incorporate NIST-certified AES encryption into their RPG applications.

RPG Key Retrieval APIs

Alliance Key Manager provides an easy-to-use service program that can be added to any application for key retrieval. This service program performs all of the SSL/TLS secure communications with the key server, and supports failover to a secondary server if the primary server is off-line. The Townsend Security AES encryption libraries on the IBM i platform naturally integrate with the Alliance Key Manager and perform the key retrieval and encryption in one step. You can also use the Alliance key retrieval software with any AES encryption library on the IBM i platform, including IBM’s native encryption APIs and third-party encryption software.

Wire Protocol Eliminates Libraries

The interface to the Alliance Key Manager is a “wire” protocol. This means that there is no client-side software required for key retrieval. While Alliance Key Manager provides you with the software support you need to retrieve keys from the key server, you can also create your own applications to do key retrieval if you wish. If you use the Alliance Key Manager key retrieval software, you will use the no-charge IBM licensed program Digital Certificate Manager to create certificates used for SSL/TLS communications. The Alliance key retrieval software libraries use the native IBM i GSK APIs for the secure connection.

Alliance Key Manager Documentation and Sample Code

The Alliance Key Manager product CD contains documentation on the use of the Alliance Key Manager from RPG and provides sample application code that you can use to get started. If you use the Alliance AES/400 encryption solution, documentation and sample code are provided to help you get started quickly.

RPG AES Encryption APIs

Townsend Security provides NIST-certified AES encryption libraries on a wide variety of platforms including Linux and Unix. On the IBM i (AS/400, iSeries) platform, AES software is delivered as a service program that is installed with the Alliance AES/400 solution. These AES libraries are NIST certified through the AES Validation program, and interoperate with Townsend AES libraries on a variety of other platforms including Linux, Unix, Windows, and IBM System z Mainframe platforms. You can encrypt on one platform and decrypt on a different platform without exposing the data during transport.

RPG Hash, RNG, and Encoding APIs

In addition to encryption APIs, the Alliance AES/400 solution provides the RPG developer with a variety of APIs that provide support for SHA-256 hashing, cryptographically secure random number generation (CS-PRNG), data masking, and Base64 and Base16 (hex) encoding of data. These APIs let the RPG developer easily extend their applications to incorporate these common cryptographic functions. Sample RPG source code helps you get started with your data protection projects.

Alliance AES Encryption Documentation and Sample Code

The Alliance AES/400 solution includes documentation on the use of Alliance AES encryption from RPG programs and provides sample application code that you can use to get started. If you use the Alliance AES/400 encryption solution, documentation and sample code are provided to help you get started quickly.

Tokenization for RPG Developers

Tokenization is an alternative data protection method that preserves the format of the original data. The Townsend Alliance Token Manager solution provides tokenization services to RPG applications and applications on all other major operating systems.