A fix is available
APAR status
Closed as new function.
Error description
New Function for SMP/E
Local fix
Problem summary
**************************************************************** * USERS AFFECTED: * * All users of GIMZIP, GIMUNZIP, GIMGTPKG, * * RECEIVE FROMNET and RECEIVE ORDER. * **************************************************************** * PROBLEM DESCRIPTION: * * Update GIMZIP to optionally digitally * * sign packages. * * * * Update GIMUNZIP, GIMGTPKG, RECEIVE * * FROMNET, RECEIVE ORDER to optionally * * verify the signature for signed GIMZIP * * packages. * **************************************************************** * RECOMMENDATION: * **************************************************************** The GIMZIP service routine is used to create transportable packages containing already installed software, or SMP/E consumables such as SYSMODs, RELFILE data sets, and HOLDDATA. GIMZIP is updated to optionally digitally sign the packages it generates. The RECEIVE FROMNET, RECEIVE ORDER commands, and the GIMGTPKG service routine download GIMZIP packages from remote servers to z/OS. They are updated to optionally verify the signature of signed GIMZIP packages during the download process. The GIMUNZIP service routine extracts content from the archive files in GIMZIP packages. It too is updated to optionally verify the signature of signed GIMZIP packages before extracting the content from the archive files. Signing a GIMZIP package, and then verifying the signature of that package, increases confidence in the authenticity (who produced it?) and the integrity (has it changed in transit?) of the package. Package signing is implemented using public/private key technology; a private key is used to calculate a digital signature for package files, and the corresponding public key is used to verify the signatures. The key pair is associated with an X.509 certificate. A provider that wishes to produce signed GIMZIP packages must tell GIMZIP which certificate to use for the signing operation. A consumer that wishes to verify the signature of signed GIMZIP packages must tell RECEIVE FROMNET, RECEIVE ORDER, GIMGTPKG, and GIMUNZIP which trusted certificate authority (CA) certificate to use to validate the signing certificate for a package. GIMZIP, GIMUNZIP, GIMGTPKG, RECEIVE FROMNET, and RECEIVE ORDER have all been updated in SMP/E 3.7 to support the new GIMZIP package signing function. ** IBM plans to sign product packages (CBPDO and ServerPac) starting in May 2023 and service packages in 3Q2023. ** Keywords: DRVSYS/K
Problem conclusion
Temporary fix
Comments
×**** PE23/05/08 PTF IN ERROR. SEE APAR IO29097 FOR DESCRIPTION
APAR Information
APAR number
IO28360
Reported component name
SMP/E
Reported component ID
566894901
Reported release
J00
Status
CLOSED UR1
PE
NoPE
HIPER
NoHIPER
Special Attention
YesSpecatt / New Function / Xsystem
Submitted date
2021-04-12
Closed date
2022-12-09
Last modified date
2023-05-08
APAR is sysrouted FROM one or more of the following:
APAR is sysrouted TO one or more of the following:
UO02060 UO02061
Modules/Macros
GIMMPRCD GIMMPXML GIMMPRCN GIMJVCLT GIMJVSHA GIMJVLVL GIMMPRCO GIMHFRLF GIMLEVEL GIMMPRCS GIMMPRCY GIMZPPRC GIMMPRCX GIMMPSHA GIMZPDRV GIMJVSIG GIMM5JPN GIMMPDC2 GIMRRCMD GIMUZPRC GIMJVGCP GIMM5ENU GIMJVXFP GIMJVVFS GIMZPPR2 GIMJVCMD GIMKXENU GIMJVCMF
Fix information
Fixed component name
SMP/E
Fixed component ID
566894901
Applicable component levels
Fix is available
Select the PTF appropriate for your component level. You will be required to sign in. Distribution on physical media is not available in all countries.
[{"Business Unit":{"code":"BU011","label":"Systems - zSystems software"},"Product":{"code":"SG19M"},"Platform":[{"code":"PF054","label":"z Systems"}],"Version":"J00"}]
Document Information
Modified date:
08 May 2023