nCore v13.3 Developer Tutorial
Introduction
This guide describes how to write applications using the nCore API, the native application programming interface for nShield modules. It also describes various programming libraries and utility functions that Entrust supplies.
Read this guide in conjunction with the nCore API documentation located in:
-
Windows:
%NFAST_HOME%\document\ncore\html\index.html(C) and%NFAST_HOME%\java\docs\index.html(Java) -
Linux:
/opt/nfast/document/ncore/html/index.html(C) and/opt/nfast/java/docs/index.html(Java).
Read this guide if …
Read this guide if you are an application developer who is writing cryptographic applications using the nCore API. If you are writing an application using a standard API, such as Java JCE/JCA, MS CAPI, CAPI NG or PKCS #11, you should read the Cryptographic API Integration Guide.
The nCore Developer Tutorial:
-
explains the nCore programming architecture
-
presents a tutorial on using the nCore API in C
-
presents a tutorial on using the nCore API in Java.
Model numbers
Model numbering conventions are used to distinguish different nShield hardware security devices. In the table below, n represents any single digit integer.
| Model number | Used for |
|---|---|
NH2047 |
nShield Connect 6000 |
NH2040 |
nShield Connect 1500 |
NH2033 |
nShield Connect 500 |
NH2068 |
nShield Connect 6000+ |
NH2061 |
nShield Connect 1500+ |
NH2054 |
nShield Connect 500+ |
NH2075-B |
nShield Connect XC Base |
NH2075-M |
nShield Connect XC Medium |
NH2075-H |
nShield Connect XC High |
NH2079-B |
nShield 5c Base |
NH2079-M |
nShield 5c Medium |
NH2079-H |
nShield 5c High |
NH2082 |
nShield Connect XC SCAP |
NH2089-B |
nShield Connect XC Base - Serial Console |
NH2089-M |
nShield Connect XC Mid - Serial Console |
NH2089-H |
nShield Connect XC High - Serial Console |
NH3003-B |
nShield Connect CLX Base - Serial Console |
NH3003-M |
nShield Connect CLX Mid - Serial Console |
NH3003-H |
nShield Connect CLX High - Serial Console |
nC2021E-000, NCE2023E-000 |
nToken PCIe |
nC3nnnE-nnn, nC4nnnE-nnn |
nShield Solo PCIe |
nC30n5E-nnn, nC40n5E-nnn |
nShield Solo XC PCIe |
nC30nnU-10, nC40nnU-10 |
nShield Edge |
NC5536E-B |
nShield 5s Base |
NC5536E-M |
nShield 5s Medium |
NC5536E-H |
nShield 5s High |
Further information
This guide forms one part of the information and support provided by Entrust.
The nCore API Documentation is supplied as HTML files installed in the following locations:
-
Windows:
-
API reference for host:
%NFAST_HOME%\document\ncore\html\index.html -
API reference for SEE:
%NFAST_HOME%\document\csddoc\html\index.html
-
-
Linux:
-
API reference for host:
/opt/nfast/document/ncore/html/index.html -
API reference for SEE:
/opt/nfast/document/csddoc/html/index.html
-
The Java Generic Stub classes, nCipherKM JCA/JCE provider classes, and Java Key Management classes are supplied with HTML documentation in standard Javadoc format, which is installed in the appropriate nfast\java or nfast/java directory when you install these classes.
Security advisories
If Entrust becomes aware of a security issue affecting nShield HSMs, Entrust will publish a security advisory to customers. The security advisory will describe the issue and provide recommended actions. In some circumstances the advisory may recommend you upgrade the nShield firmware and or image file. In this situation you will need to re-present a quorum of administrator smart cards to the HSM to reload a Security World. As such, deployment and maintenance of your HSMs should consider the procedures and actions required to upgrade devices in the field.
| The Remote Administration feature supports remote firmware upgrade of nShield HSMs, and remote ACS card presentation. |
We recommend that you monitor the Announcements & Security Notices section on Entrust nShield, https://nshieldsupport.entrust.com, where any announcement of nShield Security Advisories will be made.
Contacting Entrust nShield Support
To obtain support for your product, contact Entrust nShield Support, https://nshieldsupport.entrust.com.