z/OS Cryptographic Services ICSF Writing PKCS #11 Applications
Previous topic |
Next topic
|
Contents
|
Index
|
Contact z/OS
|
Library
|
PDF
Contents (exploded view)
z/OS Cryptographic Services ICSF Writing PKCS #11 Applications
SA23-2231-05
Writing PKCS #11 Applications
Cryptographic Services ICSF: Writing PKCS #11 Applications
Overview of z/OS support for PKCS #11
Tokens
The token data set (TKDS)
Options for the TKDS in the ICSF installation options data set
The TKDSN option
The SYSPLEXTKDS option
Sample job to define the TKDS
Controlling access to tokens
Managing tokens
Sample scenario for setting up z/OS PKCS #11 tokens
Auditing PKCS #11 functions
Component trace for PKCS #11 functions
Object types
Session objects
Token objects
Operating in compliance with FIPS 140-2
Requiring signature verification for ICSF module CSFINPV2
Requiring FIPS 140-2 compliance from all z/OS PKCS #11 applications
Requiring FIPS 140-2 compliance from select z/OS PKCS #11 applications
Specifying FIPS 140-2 compliance from within a z/OS PKCS #11 application
Preparing to use PKCS #11 applications
Tasks for the system programmer
Tasks for the security administrator
Tasks for the auditor
Tasks for application programmers
The C API
Using the C API
Deleting z/OS PKCS #11 tokens
Environment
Cross memory considerations
Key types and mechanisms supported
Objects and attributes supported
Library, slot, and token information
Functions supported
Standard functions supported
Non-standard functions supported
Function return codes
Troubleshooting PKCS #11 applications
The testpkcs11 program
Running the pre-compiled version of testpkcs11
Steps for running the pre-compiled version of testpkcs11
Building testpkcs11 from source code
Steps for building testpkcs11 from source code
ICSF PKCS #11 callable services
SMP/E installation data sets, directories, and files
Source code for the testpkcs11 sample program
Index for ICSF Writing PKCS #11 Applications
Copyright IBM Corporation 1990, 2014