Skip to main content

Primus HSM - Supported APIs

The Primus HSM can be accessed over different APIs. The available operations include encrypting/decryption, signing/verifying, and key management. The core functionality is the same, but certain features may not be available over all APIs. The APIs can be enabled and disabled in the device-wide security configuration and on a per Partition basis.

For the API specifications, installation instructions, and usage examples, see the respective API provider documentations linked below.

Java Cryptography Extension (JCE)

The Primus JCE/JCA API provides a Java Cryptography Extension (JCE) compliant interface that enables seamless integration of Java applications with Primus Hardware Security Modules (HSMs). It is designed to conform to the standard Java Cryptography Architecture (JCA).

Read the JCE API documentation.

REST

The Primus REST API offers a modern, platform-independent interface to interact with Primus HSMs over HTTP or HTTPS. It is designed for simplicity, flexibility, and broad interoperability. The REST API allows applications developed in any language or environment to securely access the cryptographic functions of Primus HSMs. The Primus REST API is deployed as a containerized application that translates requests from REST to JCE.

Read the REST API documentation.

PKCS#11/Cryptoki

The Primus PKCS#11 API provides access the cryptographic capabilities of Primus HSMs using the widely adopted PKCS#11 specification (also known as the Cryptoki). This low-level C API is ideal for applications and platforms that require direct control over cryptographic operations and secure key management in a high-assurance environment. Third-party wrappers around PKCS#11 are available for many programming languages. Many applications (such as OpenSSL) implement the PKCS#11 interface.

Read the PKCS#11 API documentation.

Microsoft CNG

The Primus CNG API integrates HSMs with Microsoft’s Cryptography Next Generation (CNG) platform, providing secure, hardware-backed cryptographic operations within Windows environments. By installing the Primus CNG provider, the API allows Windows applications and services to transparently use Primus HSMs for key storage and cryptographic functions.

Read the CNG API documentation.

Get started withCloudHSM for free.
Other questions?Ask Sales.
Last updated on
Feedback
Need help?