IBM Support

IT15555: FIPS COMPLIANCE REQUIRES 2048 BYTE OR LARGER KEYS ON HSM

Subscribe

You can track all active APARs for this component.

APAR status

  • Closed as program error.

Error description

  • The Datapower HSM firmware will no longer create 1024 byte keys
    after upgrade to 7.0.0.14, 7.1.0.11, 7.2.0.8 or 7.5.0.2 (or
    later).  However, existing 1024 byte keys will continue to
    function.
    This is done to comply with NIST standards.  See technote for
    details:
    http://www-01.ibm.com/support/docview.wss?uid=swg21984581
    

Local fix

Problem summary

  • HSM adapter build changes naming convention requiring minor
    changes on DataPower firmware code.
    

Problem conclusion

  • Applied new naming convention as well as new HSM adapter build
    files.
    
    Fix is available in 7.0.0.14, 7.1.0.11, 7.2.0.8, 7.5.0.2 and
    7.5.1.2
    
    Link to technote:
    www.ibm.com/support/docview.wss?uid=swg21984581
    
    For a list of the latest fix packs available, please see:
    http://www-01.ibm.com/support/docview.wss?uid=swg21237631
    

Temporary fix

Comments

APAR Information

  • APAR number

    IT15555

  • Reported component name

    DATAPOWER

  • Reported component ID

    DP1234567

  • Reported release

    720

  • Status

    CLOSED PER

  • PE

    NoPE

  • HIPER

    NoHIPER

  • Special Attention

    NoSpecatt / Xsystem

  • Submitted date

    2016-06-02

  • Closed date

    2016-07-25

  • Last modified date

    2016-09-16

  • APAR is sysrouted FROM one or more of the following:

  • APAR is sysrouted TO one or more of the following:

Modules/Macros

  • 0
    

Fix information

  • Fixed component name

    DATAPOWER

  • Fixed component ID

    DP1234567

Applicable component levels

  • R751 PSY

       UP



Document information

More support for: IBM DataPower Gateways
General

Software version: 7.2

Reference #: IT15555

Modified date: 16 September 2016