IBM Support

IV19220: IBMPKCS11IMPL SECURITY PROVIDER DOES NOT SUPPORT DSA KEY SIZES > 2048

Subscribe

You can track all active APARs for this component.

 

APAR status

  • Closed as program error.

Error description

  • Error Message: The user was experiencing problems while trying
    to use DSA key sizes>2048 with the IBMPKCS11Impl provider.
    .
    Stack Trace: N/A
    .
    

Local fix

Problem summary

  • The user was experiencing problems while trying to use DSA key
    sizes>2048 with the IBMPKCS11Impl provider.
    

Problem conclusion

  • This defect will be fixed in:
    7.0.0 SR1
    6.0.0 SR11
    5.0.0 SR14
    .
    Many crypto adapters do not yet support DSA keys>2048.
    Also, the current PKCS#11 spec and FIPS PUB 186-2 currently
    contain no awareness of DSA keys>2048.
    The IBMPKCS11Impl provider has been modified to throw an
    appropriate exception whenever the user attempts to generate or
    translate a DSA key>2048.
    

Temporary fix

Comments

APAR Information

  • APAR number

    IV19220

  • Reported component name

    JAVA 5 SECURITY

  • Reported component ID

    620500125

  • Reported release

    500

  • Status

    CLOSED PER

  • PE

    NoPE

  • HIPER

    NoHIPER

  • Special Attention

    NoSpecatt

  • Submitted date

    2012-04-09

  • Closed date

    2012-04-09

  • Last modified date

    2012-04-09

  • APAR is sysrouted FROM one or more of the following:

    IV19219

  • APAR is sysrouted TO one or more of the following:

Fix information

  • Fixed component name

    JAVA 5 SECURITY

  • Fixed component ID

    620500125

Applicable component levels

  • R500 PSY

       UP

[{"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Product":{"code":"SSNVBF","label":"Runtimes for Java Technology"},"Component":"","ARM Category":[],"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"5.0","Edition":"","Line of Business":{"code":"LOB36","label":"IBM Automation"}}]

Document Information

Modified date:
07 December 2020