z/OS Cryptographic Services ICSF Application Programmer's Guide
Previous topic | Next topic | Contents | Index | Contact z/OS | Library | PDF


Usage Notes

z/OS Cryptographic Services ICSF Application Programmer's Guide
SA22-7522-16

SAF may be invoked to verify the caller is authorized to use this callable service, the key label, or internal secure key tokens that are stored in the CKDS or PKDS.

If KEK_key_identifier is a label of an IMPORTER or EXPORTER key, the label must be unique in the CKDS.

The Control Vector Translate access control point controls the function of this service.

This table lists the required cryptographic hardware for each server type and describes restrictions for this callable service.

Table 13. Control vector translate required hardware
ServerRequired cryptographic hardwareRestrictions
IBM eServer zSeries 900PCI Cryptographic CoprocessorENH-ONLY, USECONFG, WRAP-ENC and WRAP-ECB not supported.
IBM eServer zSeries 990

IBM eServer zSeries 890

PCI X Cryptographic Coprocessor

Crypto Express2 Coprocessor

ENH-ONLY, USECONFG, WRAP-ENC and WRAP-ECB not supported.
IBM System z9 EC

IBM System z9 BC

Crypto Express2 CoprocessorENH-ONLY, USECONFG, WRAP-ENC and WRAP-ECB not supported.

Go to the previous page Go to the next page

Notices | Terms of use | Support | Contact z/OS | zFavorites



Copyright IBM Corporation 1990, 2014