A number of service
provider modules may be provided with the OCSF. These modules can be incorporated
into applications to perform cryptographic security operations. The modules
include:
- Cryptographic Service Provider Module - There are five cryptographic
modules that may be provided with OCSF.
- IBM Software Cryptographic Service Provider, Version 1.0
Note:
This provider differs in the maximum key strength allowed for various symmetric
and asymmetric encryption algorithms.
- IBM Weak Software Cryptographic Service Provider, Version 1.0
Note:
This provider differs in the maximum key strength allowed for various symmetric
and asymmetric encryption algorithms.
- IBM Software Cryptographic Service Provider 2, Version 1.0
Note:
This provider may be used in place of or in addition to IBM Cryptographic
Service Provider, Version 1.0.
- IBM Weak Software Cryptographic Service Provider 2, Version 1.0
Note:
This provider may be used in place of or in addition to IBM WEAK
Software Cryptographic Service Provider, Version 1.0.
- IBM CCA Cryptographic Module, Version 1.0.
- Trust Policy Module - There are two trust policy modules that may be provided
with OCSF.
- IBM Standard Trust Policy Library, Version 1.0
- IBM Extended Trust Policy Library, Version 1.0.
- Certificate Library Module - There is one supported certificate library
module that is provided with OCSF.
- IBM Certificate Library, Version 1.0
Note:
There is an additional
certificate library module that is internal, it is the IBM Internal Certificate
Library, Version 1.0
- Data Store Library Module - There is two data store library modules that
may be provided with OCSF.
- IBM Data Library, Version 1.0
- IBM LDAP Data Library, Version 1.0
The OCSF API functions supported by each service of the provider modules
are outlined in the Data Store Library Module. For detailed information on
the behavior of the individual APIs, refer to the z/OS Open Cryptographic Services Facility Service Provider Module Developer’s Guide and Reference.
|