69209 - Added support for the ICSFST2 internal call for AES encryption under z/OS

Problem Note 69209: Added support for the ICSFST2 internal call for AES encryption under z/OS

Advanced Encryption Standard (AES) encryption under z/OS requires IBM Integrated Cryptographic Service Facility (ICSF) and PKA callable services to be enabled.

The ICSFSTAT internal call reports PKA callable services as enabled only after the Data Encryption Standard (DES) master key is loaded and valid. ICSFSTAT does not report PKA callable services as enabled when only the AES master key is loaded and valid. ICSFST2 element 3 reports PKA callable services as enabled when the DES and/or AES master key are loaded and valid.

Support for ICSFST2 calls was added in addition to ICSFSTAT calls.

Click the Hot Fix tab in this note to access the hot fix for this issue.

Operating System and Release Information

Product Family	Product	System	Product Release		SAS Release
			Reported	Fixed*	Reported	Fixed*
SAS System	SAS/SECURE	z/OS	9.4_M6	9.41_M5	9.4 TS1M6	9.4 TS1M8
		z/OS 64-bit	9.4_M6	9.41_M5	9.4 TS1M6	9.4 TS1M8

* For software releases that are not yet generally available, the Fixed Release is the software release in which the problem is planned to be fixed.

A fix for this issue for Base SAS 9.4_M7 is available at:

https://tshf.sas.com/techsup/download/hotfix/HF2/I9R.html#69209

A fix for this issue for Base SAS 9.4_M6 is available at:

https://tshf.sas.com/techsup/download/hotfix/HF2/D9T.html#69209

A fix for this issue for SAS/SECURE 9.41_M3 is available at:

https://tshf.sas.com/techsup/download/hotfix/HF2/D9J.html#69209

Type:	Problem Note
Priority:	medium

Date Modified:	2024-08-23 12:58:30
Date Created:	2022-05-19 21:35:57