table of contents
IBMCA(5) | IBMCA user manual | IBMCA(5) |
NAME¶
IBMCA - IBMCA is an OpenSSL engine that uses the libica library under s390x to accelerate cryptographic operations.DESCRIPTION¶
IBMCA accelerates cryptographic operations of applications that use OpenSSL. The engine can be configured by the IBMCA configuration file. The OpenSSL configuration file is only needed to attach the engine.openssl.cnf¶
The OpenSSL configuration file can have an IBMCA section. This section includes only OpenSSL configuration options for the IBMCA engine.Control Commands¶
Applications that load an OpenSSL engine can optionally send control commands to the engine. Control Commands are key value pairs. The value can be a string, a numeric integer or be null. See the engine(3) manpage for a mechanism to discover control commands.OPTIONS¶
openssl.cnf¶
Options for the IBMCA section in openssl.cnf:dynamic_path = /path/to/libibmca.so
Set the path to the IBMCA shared object file allowing
OpenSSL to find the file.
engine_id = name
Set the name of the engine. The default name is
"ibmca".
- init = 0 | 1
- OpenSSL will try to initialize the engine if this option is set to 1. If set to 0, OpenSSL will not try to initialize the engine.
default_algorithms = ALL | mechanisms
Redirect all cryptographic operations through the engine
or disable types of mechanisms that the engine supports. If ALL is not used,
the default_algorithms consists of a comma separated list of mechanisms
: CIPHERS | DIGESTS | RSA | DH | DSA.
Only all CIPHERS and/or DIGESTS can be de/activated. Algorithms like AES can not be de/activated independently.
Control Command¶
IBMCA does support one optional control command:SO_PATH: /path/to/libica.so
Replaces the current libica library by an libica library
located at SO_PATH.
SEE ALSO¶
engine(3)2017-08-24 | IBM |