115 lines
4.9 KiB
HTML
115 lines
4.9 KiB
HTML
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
|
|
<html>
|
|
<head>
|
|
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
|
|
<meta name="Copyright" content="Copyright (c) 2006 by IBM Corporation">
|
|
<title>Secure Sockets APIs</title>
|
|
<!-- All rights reserved. Licensed Materials Property of IBM -->
|
|
<!-- US Government Users Restricted Rights -->
|
|
<!-- Use, duplication or disclosure restricted by -->
|
|
<!-- GSA ADP Schedule Contract with IBM Corp. -->
|
|
<!-- Begin Header Records ========================================= -->
|
|
<!-- NETMG2 SCRIPT A converted by B2H R4.1 (346) (CMS) by HOLTJM at -->
|
|
<!-- RCHVMW2 on 29 Jan 1999 at 10:01:37 -->
|
|
<!-- File restructured for V5R2 -->
|
|
<!-- End Header Records -->
|
|
<link rel="stylesheet" type="text/css" href="../rzahg/ic.css">
|
|
</head>
|
|
<body>
|
|
<a name="Top_Of_Page"></a>
|
|
<!-- Java sync-link -->
|
|
<script language="Javascript" src="../rzahg/synch.js" type="text/javascript">
|
|
</script>
|
|
|
|
<h2>Secure sockets APIs</h2>
|
|
|
|
<p>Secure sockets consists of the following APIs:</p>
|
|
|
|
<ul>
|
|
<li><a href="unix9a.htm">i5/OS Global Secure Toolkit (GSKit) APIs</a><br><br></li>
|
|
|
|
<li><a href="unix9b.htm">i5/OS SSL_ APIs</a><br><br></li>
|
|
|
|
<li><img src="delta.gif" alt="Start of change" border="0"><a href="openssl.htm">Open SSL APIs</a><img src="deltaend.gif" ALT="End of change" border="0"></li>
|
|
</ul>
|
|
|
|
<p>The i5/OS<SUP>(R)</SUP> Global Secure Toolkit (GSKit) and i5/OS SSL_ application
|
|
programming interfaces (APIs) are a set of functions that,
|
|
when used with the i5/OS sockets APIs, are designed to enable and facilitate
|
|
secure communications between processes on a network. The GSK Secure Toolkit
|
|
(GSKit) APIs are the preferred set of APIs to be used to securely enable an
|
|
application using Secure Sockets Layer/Transport Layer Security (SSL/TLS). The
|
|
SSL_ APIs also can be used to enable an application to use the SSL/TLS Protocol.</p>
|
|
|
|
<p>SSL provides communications privacy over an open communications
|
|
network (that is, the Internet). The protocol allows client/server applications
|
|
to communicate to prevent eavesdropping, tampering, and message forgery.
|
|
The SSL protocol connection security has three basic properties:</p>
|
|
|
|
<ul>
|
|
<li>The connection is private. Encryption using secret keys is used to encrypt
|
|
and decrypt the data. The secret keys are generated on a per SSL session basis
|
|
using an SSL handshake protocol. An SSL handshake is a series of protocol packets
|
|
sent in a particular sequence, which use asymmetric cryptography to establish an
|
|
SSL session. Symmetric cryptography is used for application data encryption
|
|
and decryption.<br><br></li>
|
|
|
|
<li>The peer's identity can be authenticated using asymmetric, or public key
|
|
cryptography.<br><br></li>
|
|
|
|
<li>The connection is reliable. Message transport includes a message integrity
|
|
check using a keyed Message Authentication Code (MAC). Secure hash functions
|
|
are used for MAC computations.</li>
|
|
</ul>
|
|
|
|
<p>When creating ILE programs or service programs that use the i5/OS GSKit or
|
|
SSL_ APIs, you do not need to explicitly bind to the secure sockets service program
|
|
QSYS/QSOSSLSR because it is part of the system binding directory.</p>
|
|
|
|
<p>The GSKit and SSL_ API documentation describes the GSKit and SSL_ APIs only.
|
|
This documentation does not include any information about how to configure or
|
|
obtain any of the cryptographic objects, such as a key ring file or
|
|
certificate, that are required to fully enable an application for SSL. Some
|
|
cryptographic objects, such as certificate store files, are required parameters
|
|
for
|
|
GSKit and SSL_ APIs. Information on how to configure the cryptographic objects
|
|
required for the i5/OS secure socket APIs, or how to configure a secure web server,
|
|
which also uses the secure socket APIs, can be found using the following references:</p>
|
|
|
|
<ul>
|
|
|
|
<li><a href="http://www.as400.ibm.com/products/http/docs/doc.htm" target="_blank">HTTP
|
|
Server: Documentation</a><img src="www.gif" width="18" height="15" alt="Link outside Information Center"><br><br></li>
|
|
|
|
|
|
<li><a href="../rzain/rzainoverview.htm">Secure Sockets Layer (SSL)</a>
|
|
under the Security topic. <a href="../rzain/rzainplanssl.htm">Plan for enabling
|
|
SSL</a> discusses what you must install and configure before using
|
|
secure sockets.<br><br></li>
|
|
|
|
<li><a href="../rzajc/rzajcoverview.htm">Cryptographic Hardware</a> topic.</li>
|
|
</ul>
|
|
|
|
<p>For background information on GSKit and SSL_ APIs, see:</p>
|
|
|
|
<ul>
|
|
<li><a href="../rzab6/cssl.htm">Secure Sockets</a> in the
|
|
Sockets programming topic.
|
|
</ul>
|
|
|
|
<br>
|
|
|
|
<hr>
|
|
<center>
|
|
<table cellpadding="2" cellspacing="2">
|
|
<tr align="center">
|
|
<td valign="middle" align="center"><a href="#Top_Of_Page">Top</a> |
|
|
<a href="unix.htm">UNIX-Type APIs</a> | <a href="aplist.htm">APIs by
|
|
category</a></td>
|
|
</tr>
|
|
</table>
|
|
</center>
|
|
</body>
|
|
</html>
|
|
|