z/OS Cryptographic Services ICSF Application Programmer's Guide
Previous topic | Next topic | Contents | Index | Contact z/OS | Library | PDF


Usage Notes

z/OS Cryptographic Services ICSF Application Programmer's Guide
SA22-7522-16

SAF may be invoked to verify the caller is authorized to use this callable service, the key label, or internal secure key tokens that are stored in the CKDS or PKDS.

SAF will be invoked to check authorization to use the Clear PIN encrypt service and the label of the PIN_encrypting_key_identifier.

The Clear PIN Encrypt access control point controls the function of this service.

This table lists the required cryptographic hardware for each server type and describes restrictions for this callable service.

Table 170. Clear PIN encrypt required hardware
ServerRequired cryptographic hardwareRestrictions
IBM eServer zSeries 900PCI Cryptographic Coprocessor

ISO-3 PIN block format is not supported.

IBM eServer zSeries 990

IBM eServer zSeries 890

PCI X Cryptographic Coprocessor

Crypto Express2 Coprocessor

ISO-3 PIN block format is not supported.

IBM System z9 EC

IBM System z9 BC

Crypto Express2 Coprocessor

ISO-3 PIN block format requires the Nov. 2007 or later licensed internal code (LIC).

Go to the previous page Go to the next page

Notices | Terms of use | Support | Contact z/OS | zFavorites



Copyright IBM Corporation 1990, 2014