Home
CryptoHardware (MQCHAR256)
This field gives configuration details for cryptographic hardware connected to the client system. Set the field to one of the following strings, or leave it blank or null:
GSK_ACCELERATOR_RAINBOW_CS_OFF GSK_ACCELERATOR_RAINBOW_CS_ON GSK_ACCELERATOR_NCIPHER_NF_OFF GSK_ACCELERATOR_NCIPHER_NF_ON GSK_PKCS11=<the PKCS #11 driver path and filename>;<the PKCS #11 token label>;<the PKCS #11 token password>;<symmetric cipher setting>;Notes:
- The strings containing
RAINBOW enable or disable the Rainbow Cryptoswift cryptographic hardware.
- The strings containing
NCIPHER enable or disable the nCipher nFast cryptographic hardware.
- In order to use cryptographic hardware which conforms to the PKCS11 interface, for example, the IBM 4960 or IBM 4963, the PKCS11 driver path, PKCS11 token label, and PKCS11 token password strings must be specified, each terminated by a semi-colon.
The PKCS #11 driver path is an absolute path to the shared library providing support for the PKCS #11 card. The PKCS #11 driver filename is the name of the shared library. An example of the value required for the PKCS #11 path and filename is:
/usr/lib/pkcs11/PKCS11_API.soThe PKCS #11 token label must be entirely in lowercase. If you have configured your hardware with a mixed case or uppercase token label, re-configure it with this lowercase label.
- If the field is blank or null, it indicates that no cryptographic hardware configuration is required.
If the value is shorter than the length of the field, terminate the value with a null character, or pad it with blanks to the length of the field. If the value is not valid, or leads to a failure when used to configure the cryptographic hardware, the call fails with reason code MQRC_CRYPTO_HARDWARE_ERROR.
This is an input field. The length of this field is given by MQ_SSL_CRYPTO_HARDWARE_LENGTH. The initial value of this field is the null string in C, and blank characters in other programming languages.
Home