Previous topic |
Next topic |
Contents |
Contact z/OS |
Library |
PDF
Elliptic Curve Cryptography support z/OS Cryptographic Services System SSL Programming SC14-7495-00 |
||||||||||||||||||||||||||||||||||||||||||||
System SSL uses ICSF callable services for Elliptic Curve Cryptography (ECC) algorithm support. For ECC support through ICSF, ICSF must be initialized with PKCS #11 support. For more information, see z/OS Cryptographic Services ICSF System Programmer's Guide. In addition, the application user ID must be authorized for the appropriate resources in the RACF® CSFSERV class, either explicitly or through a generic resource profile. See Table 1 for the required CSFSERV resources for each ECC function. If the ICSF started task is not running as required or ECC support is otherwise unavailable, System SSL might fail if an ECC-based operation is required. In this event, notification is available through return or status codes and System SSL trace output. Current ICSF cryptographic support for ECC can be verified using the DISPLAY CRYPTO function of the SSL Started Task. See SSL started task for more information. ECC public/private keys must be defined over prime finite fields (Fp type fields) only; characteristic two finite fields (F2m type fields) are not supported. EC domain parameters may be defined using either the specifiedCurve format or the namedCurve format, as described in RFC 5480: Elliptic Curve Cryptography Subject Public Key Information. If the EC domain parameters are defined using the specifiedCurve format, then they must match a supported named curve. The following named curves are supported:
Note: In FIPS mode, only NIST recommended curves are currently supported.
Curves under 224 bits are not recommended.
For data signature generation and verification operations
involving ECC-based algorithms, z/OS® System
SSL supports ECDSA with SHA-1, SHA-224, SHA-256, SHA-384, and SHA-512
digest algorithms. When creating signed certificates using the System
SSL certificate management utility, gskkyman, or through CMS
APIs that use a default digest algorithm, the recommended digest for
the ECC key size of the signing private key is used (as specified
in the following table).
System SSL regards certain EC named curves to be the default curve
for their key size. For CMS APIs that require ECC key generation and
accept a key size parameter only, the default curve for the key size
specified is used. These default EC named curves are outlined in the
following table.
|
Copyright IBM Corporation 1990, 2014
|