In SDK 6.0, Public Key Cryptographic Standards #11 (PKCS#11) is implemented on Java for z/OS using the IBMPKCS11Impl provider. This provider uses the Java Cryptography Extension (JCE) and Java Cryptography Architecture (JCA) frameworks to add the capability to use hardware cryptographic devices via PKCS#11 interfaces. The IBMPKCS11Impl provider API specification and reference document, and the supported IBMPKCS11Impl public classes and methods are on IBM's developerWorks web site. See Java SE 6 release for the PKCS#11 Implementation Provider.
The IBMPKCS11Impl provider uses Integrated Cryptographic Services Facility (ICSF) that includes the PKCS#11 C language application programming interfaces (C APIs) on z/OS for its implementation of the PKCS#11 standard. Information regarding the ICSF PKCS#11 support is primarily available in the publication z/OS Cryptographic Services Integrated Cryptographic Services Facility Writing PKCS#11 Applications, SA23-2231. See the z/OS library for other publications, such as the z/OS Cryptographic Services Integrated Cryptographic Services Facility Administrator's Guide, SA22-7521 which contains information about PKCS#11 on z/OS.
To download a copy of the documentation for the IBMPKCS11Impl provider, see the Security documentation on developerWorks. In addition to this cross platform information, z/OS-specific information for IBMPKCS11Impl can be found in the z/OS IBMPKCS11Impl Guide.
For use of the PKCS#11 Implemenation Provider Support, your z/OS operating system must be z/OS V1R9 or above.
See z/OS IBMPKCS11Impl Guide for restrictions and other considerations.