Previous topic |
Next topic |
Contents |
Index |
Contact z/OS |
Library |
PDF
Usage Notes z/OS Cryptographic Services ICSF Application Programmer's Guide SA22-7522-16 |
|||||||||||||||||||||||||||||||||||||||||||||||||
SAF may be invoked to verify the caller is authorized to use this callable service, the key label, or internal secure key tokens that are stored in the CKDS or PKDS. PIN block formats are more rigorously validated on the IBM zSeries 990 and subsequent releases than on CCF systems. Some PIN block formats are known by several names. This table shows the additional names.
This table lists the PIN block variant constants (PBVC) to be used. Note:
PBVC
is NOT supported on the IBM zSeries 990 and subsequent releases. If
PBVC is specified in the format control parameter of the PIN profile,
the Encrypted PIN translate service will not be routed to a PCI Cryptographic Coprocessor for
processing. This means that only control vectors and extraction methods
valid for the Cryptographic Coprocessor Feature may be used if PBVC formatting is desired. It
is recommended that a format control of NONE be used for maximum flexibility.
The following table shows the access control points in the ICSF role that control the function of this service.
If any of the Unique Key per Transaction rule array keywords are specified, the UKPT - PIN Verify, PIN Translate access control point must be enabled. This table lists the required cryptographic hardware for each server type and describes restrictions for this callable service.
|
Copyright IBM Corporation 1990, 2014
|