IBM Support

OA66853: EFOPENPGP CSD0748I UNSUPPORTED SIGNATURE PACKET VERSION: 16 24/08/28 PTF PECHANGE

A fix is available

Obtain the fix for this APAR.

Subscribe

You can track all active APARs for this component.

 

APAR status

  • Closed as program error.

Error description

  • Some Encryption Facility functions may fail with message

CSD0050I Command processing ended abnormally:
  CSD0748I Unsupported signature packet version: 16


Debug log output is showing com.ibm.encryptionfacility.openpgp
.data.packet.MalformedPacketException.

The EF version is CSD1430I IBM Encryption Facility for z/OS
V1.2 - APAR: OA65511

PE Information:
Users Affected: a key that was imported with OA65511 applied
might be written into the keyring incorrectly. it remains
corrupted even when OA65511 is removed
User Impact: corrupted key usage may fail with msgCSD0748I
Unsupported signature packet version: 16

Local fix

  • 



Problem summary


    

  • ****************************************************************
* USERS AFFECTED: Users of EF with the APAR OA65511 applied    *
*                 who are performing key operations that       *
*                 involve rewriting the keyring which          *
*                 contains a key with an old format            *
*                 header packet.                               *
*                                                              *
*                 Users of EF who try to import a key which    *
*                 uses any algorithm that is not supported by  *
*                 EF will get a NullPointerException.          *
****************************************************************
* PROBLEM DESCRIPTION: While performing key operations that    *
*                      involve rewriting the keyring, the      *
*                      header length of any old format header  *
*                      packet is miscalculated.                *
*                                                              *
*                      When importing a key which uses any     *
*                      algorithm that is not supported by      *
*                      EF, EF throws a NullPointerException.   *
****************************************************************
Problem Summary
---------------------------------------------------------------
While performing key operations that involve rewriting the
keyring, the header length of any old format header packet is
miscalculated.

When importing a key which uses any algorithm that is not
supported by EF, EF throws a NullPointerException.

    



Problem conclusion


    

  • EF calculates the header length of old format header packets
as per the RFC 4880 standards.

When EF encounters keys with a miscalculated header length
while listing the keys, EF informs the user about any keys with
a miscalculated header length.

When EF encounters keys with a miscalculated header length while
deleting any keys by keyID(-xK)/userID(-xP), EF deletes the
specified keys as well as any keys with a miscalculated header
length.

When EF encounters a key with any algorithm that is not
supported by EF, the following error message is displayed:

Error Message: CSD0720I Unsupported asymmetric algorithm ID for
V4 signatures: 22

The following changes were made to "Using Encryption Facility
for OpenPGP" (SA23-2230):

- The following messages were added in "Chapter 5. Encryption
Facility for OpenPGP messages":

    CSD0789I Key associated with the user user_id does not
    contain a valid OpenPGP certificate, delete the key and
    retry.
    Explanation: Encryption Facility encountered an invalid
    OpenPGP certificate. Data is probably corrupted.
    In the message text:
    user_id User ID
    System action: Processing continues.
    User response: Delete the invalid OpenPGP certificate.

    CSD0790I Key associated with the user user_id does not
    contain a valid OpenPGP certificate, deleting the key.
    Explanation: Encryption Facility encountered an invalid
    OpenPGP certificate. Data is probably corrupted.
    In the message text:
    user_id User ID
    System action: Processing continues.
    User response: None.

    



Temporary fix


    

  • 



Comments


    

  • 



APAR Information




    

  • APAR number
    OA66853
    • 

  • Reported component name
    ENCRYPTION FACI
    • 

  • Reported component ID
    5752XXFIL
    • 

  • Reported release
    740
    • 

  • Status
    CLOSED  PER
    • 

  • PE
    YesPE
    • 

  • HIPER
    NoHIPER
    • 

  • Special Attention
    NoSpecatt / Xsystem
    • 

  • Submitted date
    2024-08-09
    • 

  • Closed date
    2025-02-14
    • 

  • Last modified date
    2025-03-04
    • 





    

  • APAR is sysrouted FROM one or more of the following:
    

    • 

  • APAR is sysrouted TO one or more of the following:
    

    
UJ96678
    

    • 



Modules/Macros


    

  • CSDENC17 CSDENCRY

    




Publications Referenced


SA232230XX    





Fix information


    

  • Fixed component name
    ENCRYPTION FACI
    • 

  • Fixed component ID
    5752XXFIL
    • 



Applicable component levels


    

  • R740  PSY  UJ96678
       UP25/02/15  P  F502  {
    • 



Fix is available


    

  • Select the PTF appropriate for your component level.
You will be required to sign in. Distribution on physical
media is not available in all countries.
    








      
              
                            

              

              [{"Business Unit":{"code":"BU011","label":"Systems - zSystems software"},"Product":{"code":"SG19O"},"Platform":[{"code":"PF054","label":"z Systems"}],"Version":"740"}]
              

                                                                    

          
 
        

      

    

      

        

          

            
Document Information


            

            


                        

            Modified date:
            

            04 March 2025
            

            
                      

        


        

        


      

    

  



    

  

  
    
            

          
Page Feedback