Previous topic |
Next topic |
Contents |
Index |
Contact z/OS |
Library |
PDF
Generating and Verifying RSA Digital Signatures z/OS Cryptographic Services ICSF Application Programmer's Guide SA22-7522-16 |
|
You can use algorithm method AM_TOKEN_RSA_PRV_ENCRYPT with AM_MD5 or AM_SHA to have ICSF and the Cryptographic Coprocessor Feature generate RSA digital signatures. To verify the RSA digital signature using the S/390 or IBM zSeries cryptographic solution, you can use AM_TOKEN_RSA_PUB_DECRYPT (with AM_MD5 or AM_SHA). Your BSAFE application must contain a couple of new BSAFE function calls to access the S/390 and IBM zSeries services. AM_TOKEN_RSA_PRV_ENCRYPT and AM_TOKEN_RSA_PUB_DECRYPT are new in BSAFE 3.1. For more information, see Using the New Function Calls in Your BSAFE Application. For signature generation, you can use either a clear private key in the form of a KI_PKCS_RSAPrivate or a CCA RSA private key token in the form of a KI_TOKEN. For signature verification, you can use either a public RSA key in the form of a KI_RSAPublic or a CCA RSA public key token in the form of a KI_TOKEN. KI_TOKEN is a new key information type in BSAFE. For more information about KI_TOKEN, see Using the BSAFE KI_TOKEN. The following list shows BSAFE AI types with choosers that may include AM_TOKEN_RSA_PRV_ENCRYPT:
The following list shows BSAFE AI types with choosers that may include AM_TOKEN_RSA_PUB_DECRYPT:
|
Copyright IBM Corporation 1990, 2014
|