The Host port can be programmed from the Console to provide a number of different emulations, according to the type of HSM. There are three host port connectors (four for the HSM8-Exxxxx variants with ESCON) on the rear panel; connection should be made to only one, depending on the emulation required.
Standard asynchronous emulation is half duplex, i.e. the Host must receive the response from the HSM before sending another command. There is no inherent flow control and the HSM returns its response as soon as it has finished processing a command. Typical processing times for PIN translations and verifications are 50 to 70 milliseconds. If the Host is logically half duplex and cannot receive such a quick response, a preset delay of 1 to 255 milliseconds can be inserted before the HSM sends the response.
Each command message to the HSM starts with STX (hexadecimal 02) and ends with ETX (hexadecimal 03). The response to the Host is also bracketed with the STX/ETX pair. These characters are the only data link control codes recognised, and any data between an ETX and the next STX is discarded. The HSM can be programmed to replace the ETX in its response with a one or two character string selected by the user, but the data from the Host is always terminated by ETX.
The data in the Host commands and the HSM responses is always ASCII character data. Raw binary data is never sent; keys and PIN blocks are converted to their hexadecimal character representations (0-9, A-F) for transmission.
In order to send binary data, the HSM can be configured for transparent asynchronous communications, in which it sends STX then the count (number of bytes), the data, a redundancy check character and ETX. The receiving unit verifies the redundancy check (which is over just the data), and confirms the number of bytes before accepting the data.
The SNA-SDLC interface provided in the HSM emulates a 3274 Control Unit (CU) with a single device attached. At the SNA level this Control Unit appears as two Network Addressable Units (NAU); a Physical Unit (PU) and a Logical Unit (LU). A standard 3274 CU contains 32 such LUs. The electrical interface between the Host and the HSM conforms to the RS-232C standard.
Options include selecting the message header length (1 to 100 characters), a Transparent Data mode, operation as a DCE or a DTE, the SDLC Station Address baud rate (if DCE).
The ESCON option uses the IBM channel protocol to emulate an IBM 3480 or 3490 tape controller unit, with limited command capabilities. The emulation supports 16 logical paths and 16 devices.
In addition to the Host interface port, the HSM provides an Ethernet interface that uses TCP/IP and UDP protocol for 10/100Mbps transmission over Cat 5 cable. The HSM provides a standard RJ45 Ethernet connection on the rear panel.
The HSM acts as a TCP/UDP server supporting up to sixty-four simultaneous connections. These can be either sixty-four simultaneous TCP ports/sockets or sixty-three simultaneous TCP port/sockets and a UDP port (multiplexed). Applications establish connections to the HSM’s ports by first connecting to the Well-Known-Port at the IP address. The Port Number and IP Address are defined for the HSM at configuration.
When the HSM receives a TCP connection request on the Well-Known-Port, it assigns one of the available TCP ports (or sockets) to the session. The original connection to the Well-Known-Port is dropped and all subsequent communication continues with the assigned port. The HSM keeps a count of the unassigned ports, and when there are no free ports available, refuses any additional set-up requests until a port becomes free.
A 10 base T Ethernet Management Port is also provided on the rear panel of the HSM for future use. This port will be used to download code and software updates.