IBM Weak Software Cryptographic Service Provider, Version 1.0

Regarding Use of the IBM Weak Software Cryptographic Service Provider

Portions of the IBM Weak Software Cryptographic Service Provider contained in the Open Cryptographic Services Facility base of OS/390 contain software code provided by RSA Data Security, Inc.

Prior to utilizing the OS/390 Open Cryptographic Services APIs of the IBM Weak Software Cryptographic Service Provider functionality contained in the OCSF base for purposes of development and test only, you must provide your company name, company contact name, address and telephone number to RSA Data Security, Inc. (RSA), by sending this information to:

Email: sales@rsa.com <mailto:sales@rsa.com> or

RSA Data Security, Inc.
2955 Campus Drive, Suite 400
San Mateo, CA 94403-2507
Attention: SALES or

FAX: 650-295-7770
Attention: SALES.

Prior to using (except for test or development purposes), marketing, selling or distributing applications developed by you that directly utilize the Open Cryptographic Services Facility Cryptographic Services APIs of the IBM Weak Software Cryptographic Service Provider functionality ( i.e., utilizing the Open Cryptographic Services Facility Cryptographic Services APIs of the IBM Weak Software Cryptographic Service Provider contained in the OCSF base), you must first obtain (if you have not already done so) a license from RSA for that application.

The files required for the IBM Weak Software Cryptographic Service Provider, Version 1.0 are:

The Weak Software Cryptographic Provider offers the same OCSF API functions as the Software Cryptographic Service Provider (see Table 1), except for DES and 3DES_3KEY.

The maximum cryptographic strengths allowed are 40 bit for RC2, RC4, and RC5. The maximum cryptographic strengths allowed are 512 bits for RSA and DSA requests.