Overview of hardware cryptographic features and System SSL

System SSL might use ICSF or the CPACF for cryptographic hardware support, if they are available. Cryptographic hardware support provides performance benefits over software processing and might be used for particular cryptographic algorithms instead of the System SSL software algorithms. System SSL also uses ICSF for cryptographic algorithms that are not supported within the software of System SSL (for example, Elliptic Curve Cryptography). For algorithms for which System SSL has software versions, System SSL checks for hardware support during its runtime initialization and uses the support if available, unless the application specifies otherwise. See Environment variables for information about the GSK_HW_CRYPTO environment variable (which specifies whether the hardware cryptographic support is used).

When using a secure key (a key stored either in the ICSF PKDS or a PKCS #11 token) or an algorithm that is not supported within System SSL's software, System SSL always uses ICSF for the cryptographic operation. If ICSF is not available, the operation fails.

System SSL uses the CPACF directly for the symmetric encryption algorithms DES, 3DES, and AES-CBC, and for the SHA-based digest algorithms. If the algorithm is not available in the CPACF, System SSL uses its internal software implementation.

If System SSL detects the presence of one or more cryptographic cards during its run-time initialization, it calls ICSF to perform the RSA signature and encryption operations that the available cards support. If there are no cards, or ICSF is not available, System SSL uses its internal software implementations. A cryptographic card that becomes available after System SSL's run-time initialization is not detected.

If a severe ICSF error occurs during a clear key RSA operation, System SSL stops using the hardware support and reverts to the software algorithms, where applicable. In this event, hardware failure notification is available through the SSL Started Task or the SSL trace output, if either facility is enabled. The SSL Started Task writes an error message to the console on the first occurrence of the hardware failure and to the system log on any subsequent occurrence. A message naming the failing encryption algorithm appears in the system log only. Subsequent cryptographic operations in the current SSL application that attempt to use this algorithm are performed in software. When the severe ICSF problem is resolved, System SSL attempts to use ICSF services again for clear key RSA operations.

When using a secure key (a key stored either in the ICSF PKDS or a PKCS #11 token) or an algorithm that is not supported within System SSL's software (ECC, AES-GCM, and ChaCha20), System SSL always uses ICSF for the cryptographic operation. If ICSF is not available when these algorithms are called upon, the operation fails. Clear key ECC, AES-GCM, and ChaCha20 operations use ICSF PKCS #11 support. For more information about ECC cryptographic support, see Elliptic Curve Cryptography support.
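The selection rules described in the paragraphs above, written out as an added illustrative model rather than System SSL's own code. The Platform and SystemSSL classes, the algorithm sets, and the scenario values are assumptions constructed to exercise the page's statements: CPACF first for symmetric and digest work, ICSF always for secure keys and for ECC, AES-GCM and ChaCha20 (with failure when ICSF is down), card presence sampled only at initialization, and the software fallback plus console/system log notification after a severe ICSF error on clear-key RSA.

```python
"""Illustrative model of System SSL's hardware-selection rules (added example,
not System SSL code). It encodes the page's statements so the decision tree
and the failure behaviour can be exercised offline."""
from dataclasses import dataclass, field
from enum import Enum


class Path(Enum):
    CPACF = "CPACF"        # done directly in the CP Assist for Cryptographic Functions
    ICSF = "ICSF"          # routed through ICSF to a card or to PKCS #11 support
    SOFTWARE = "software"  # System SSL's own implementation
    FAIL = "fail"          # no usable provider: the operation fails


# Symmetric and digest algorithms the page says System SSL drives on the CPACF.
CPACF_ALGORITHMS = {"DES", "3DES", "AES-CBC",
                    "SHA-1", "SHA-224", "SHA-256", "SHA-384", "SHA-512"}
# Algorithms that have no System SSL software implementation (ICSF only).
ICSF_ONLY_ALGORITHMS = {"ECC", "AES-GCM", "ChaCha20"}
# Clear-key RSA work goes to a card through ICSF when a card was found at init.
RSA_ALGORITHMS = {"RSA", "RSASSA-PSS"}


@dataclass
class Platform:
    """Constructed description of one machine (assumed values, not a real model)."""
    cpacf_functions: set         # algorithms this CPACF can perform
    card_present_at_init: bool   # a cryptographic card is visible at initialization
    icsf_available: bool = True  # ICSF is currently up


@dataclass
class SystemSSL:
    platform: Platform
    hw_crypto: bool = True       # models GSK_HW_CRYPTO permitting hardware use
    card_detected: bool = field(init=False)
    rsa_hw_suspended: bool = field(default=False, init=False)
    hw_failures: int = field(default=0, init=False)

    def __post_init__(self):
        # Card presence is sampled once at run-time initialization; a card
        # (or ICSF) that appears later is never noticed by this instance.
        self.card_detected = (self.platform.card_present_at_init
                              and self.platform.icsf_available)

    def route(self, algorithm, secure_key=False):
        """Return the Path taken for one cryptographic operation."""
        p = self.platform
        # Secure keys and ICSF-only algorithms have no software fallback.
        if secure_key or algorithm in ICSF_ONLY_ALGORITHMS:
            return Path.ICSF if p.icsf_available else Path.FAIL
        # The application switched hardware use off for algorithms that have
        # software versions.
        if not self.hw_crypto:
            return Path.SOFTWARE
        if algorithm in CPACF_ALGORITHMS:
            return Path.CPACF if algorithm in p.cpacf_functions else Path.SOFTWARE
        if algorithm in RSA_ALGORITHMS:
            if self.card_detected and not self.rsa_hw_suspended:
                return Path.ICSF
            return Path.SOFTWARE
        return Path.SOFTWARE

    def severe_icsf_error(self):
        """Severe ICSF error during clear-key RSA: suspend hardware RSA and
        report where the SSL Started Task writes the notification."""
        self.rsa_hw_suspended = True
        self.hw_failures += 1
        return "console" if self.hw_failures == 1 else "system log"

    def icsf_recovered(self):
        """Once the ICSF problem is resolved, clear-key RSA may use ICSF again."""
        self.rsa_hw_suspended = False


def walkthrough():
    """Constructed scenario: CPACF with AES-CBC, 3DES and SHA-256 but no ECC,
    one card present at init. Returns the sequence of decisions taken."""
    machine = Platform(cpacf_functions={"AES-CBC", "3DES", "SHA-256"},
                       card_present_at_init=True)
    ssl = SystemSSL(machine)
    trace = [
        ssl.route("AES-CBC").value,               # CPACF
        ssl.route("RSA").value,                   # ICSF (card found at init)
        ssl.route("RSA", secure_key=True).value,  # ICSF (secure key)
        ssl.route("ECC").value,                   # ICSF (PKCS #11 support)
    ]
    trace.append(ssl.severe_icsf_error())         # first failure -> console
    trace.append(ssl.route("RSA").value)          # clear-key RSA now in software
    machine.icsf_available = False
    trace.append(ssl.route("ECC").value)          # no software ECC -> fail
    trace.append(ssl.route("AES-CBC").value)      # CPACF path is unaffected
    machine.icsf_available = True
    ssl.icsf_recovered()
    trace.append(ssl.route("RSA").value)          # ICSF used again
    return trace


if __name__ == "__main__":
    print(walkthrough())
```

Running the walkthrough shows the asymmetry that matters operationally: an ICSF outage degrades clear-key RSA to software but turns every secure-key, ECC, AES-GCM and ChaCha20 operation into a hard failure, while CPACF-backed symmetric and digest work continues.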

Note: System SSL can use secure key support for RSA, DSA, and ECC through ICSF. System SSL does not use secure symmetric keys, except for the symmetric key that the gsk_make_enveloped_private_key_msg() API uses to encrypt the private key.
Table 1 describes the hardware cryptographic functions that are used by System SSL or through ICSF under different hardware configurations when in non-FIPS mode. For FIPS mode hardware exploitation, see Algorithm support: FIPS and non-FIPS.
Table 1. Hardware cryptographic functions used by System SSL

Each machine-generation column heading lists, in order, the CPACF and the Crypto Express cards of that generation. A cell names the hardware that performs the function on that generation: CPACF, C (the CEXnC cards in the column heading), A (the CEXnA cards) or P (the CEXnP cards). A blank cell means the function is not performed in hardware on that generation.

| Algorithm | IBM z13/z13s (CPACF; CEX5C; CEX5A; CEX5P) | IBM z14/z14 ZR1 (CPACF; CEX5C/CEX6C; CEX5A/CEX6A; CEX5P/CEX6P) | IBM z15/IBM z15 T02 (CPACF; CEX5C/CEX6C/CEX7C; CEX5A/CEX6A/CEX7A; CEX5P/CEX6P/CEX7P) | IBM z16 (CPACF; CEX6C/CEX7C/CEX8C; CEX6A/CEX7A/CEX8A; CEX6P/CEX7P/CEX8P) |
|---|---|---|---|---|
| 3DES | CPACF | CPACF | CPACF | CPACF |
| AES 128-bit | CPACF | CPACF | CPACF | CPACF |
| AES 256-bit | CPACF | CPACF | CPACF | CPACF |
| AES-GCM 128-bit | CPACF | CPACF | CPACF | CPACF |
| AES-GCM 256-bit | CPACF | CPACF | CPACF | CPACF |
| DES | CPACF | CPACF | CPACF | CPACF |
| ECC Key Generation | | | CPACF | CPACF |
| ECDSA Digital Signature Generate (Secure Private key) | C, P | C, P | C, P | C, P |
| ECDSA Digital Signature Verification (Clear public key) | C | C | CPACF, C | CPACF, C |
| Elliptic Curve Diffie-Hellman (ECDH/ECDHE) key derivation | C, P | C, P | CPACF, C, P | CPACF, C, P |
| RSA Decrypt (Clear Private Key) | C, A | C, A | C, A | C, A |
| RSA Decrypt (Secure Private Key) | C, P | C, P | C, P | C, P |
| RSA Digital Signature Generate (Clear or Secure Private key) | C; P (secure key only) | C; P (secure key only) | C; P (secure key only) | C; P (secure key only) |
| RSA Digital Signature Verification (Clear Public Key) | C, A | C, A | C, A | C, A |
| RSA Encrypt (Clear Public Key) | C, A | C, A | C, A | C, A |
| RSASSA-PSS signature generation (Clear RSA private key) | C, A | C, A | C, A | C, A |
| RSASSA-PSS signature generation (Secure RSA private key) | C, P | C, P | C, P | C, P |
| RSASSA-PSS signature verification (Clear RSA public key) | C, A | C, A | C, A | C, A |
| SHA-1 | CPACF | CPACF | CPACF | CPACF |
| SHA-2 (SHA-224) | CPACF | CPACF | CPACF | CPACF |
| SHA-2 (SHA-256) | CPACF | CPACF | CPACF | CPACF |
| SHA-2 (SHA-384) | CPACF | CPACF | CPACF | CPACF |
| SHA-2 (SHA-512) | CPACF | CPACF | CPACF | CPACF |

Note: An entry means the algorithm is supported on the named hardware; C, A and P refer to the CEXnC, CEXnA and CEXnP cards listed in the column heading.