System SSL supports the generation of random bytes. This support is performed either by calling the ICSF CSFPPRF callable service or through a software implementation within System SSL. If ICSF is available during System SSL's runtime initialization, System SSL calls ICSF. If unavailable, System SSL's software implementation is used. If ICSF terminates or access to the ICSF callable service CSFPPRF is protected by a CSFSERV class profile and the application user is not authorized, the generation of random bytes is performed in software. For more information about the CSFSERV resource class, see RACF CSFSERV resource requirements.

If the System SSL application is FIPS enabled, see Random byte generation for more information about random bytes generation in FIPS mode.