z/OS Cryptographic Services ICSF Application Programmer's Guide
Previous topic | Next topic | Contents | Index | Contact z/OS | Library | PDF


PKCS #11 Private key sign (CSFPPKS and CSFPPKS6)

z/OS Cryptographic Services ICSF Application Programmer's Guide
SA22-7522-16

Use the PKCS #11 private key sign callable service to:

  • Decrypt or sign data using an RSA private key using zero-pad or PKCS #1 v1.5 formatting
  • Sign data using a DSA private key
  • Sign data using an Elliptic Curve private key in combination with DSA

The key handle must be a handle of a PKCS #11 private key object. When the request type keyword DECRYPT is specified in the rule array, CKA_DECRYPT attribute must be true. When no request type is specified, the CKA_SIGN attribute must be true.

The callable service can be invoked in AMODE(24), AMODE(31), or AMODE(64). 64-bit callers must use CSFPPKS6.

Go to the previous page Go to the next page

Notices | Terms of use | Support | Contact z/OS | zFavorites



Copyright IBM Corporation 1990, 2014