Java Public Key Cryptographic Standards #11 Implementation Provider Overview

(December, 2007)

Table of Contents


In SDK 6.0, Public Key Cryptographic Standards #11 (PKCS#11) is implemented on Java for z/OS using the IBMPKCS11Impl provider. This provider uses the Java Cryptography Extension (JCE) and Java Cryptography Architecture (JCA) frameworks to add the capability to use hardware cryptographic devices via PKCS#11 interfaces. The IBMPKCS11Impl provider API specification and reference document, and the supported IBMPKCS11Impl public classes and methods are on IBM's developerWorks web site.Refer to the Java Security information page for more information on the PKCS#11 Implementation Provider.

The IBMPKCS11Impl provider uses Integrated Cryptographic Services Facility (ICSF) that includes the PKCS#11 C language application programming interfaces (C APIs) on z/OS for its implementation of the PKCS#11 standard. Information regarding the ICSF PKCS#11 support is primarily available in the publication z/OS Cryptographic Services Integrated Cryptographic Services Facility Writing PKCS#11 Applications, SA23-2231. See the z/OS library for other publications, such as the z/OS Cryptographic Services Integrated Cryptographic Services Facility Administrator's Guide, SA22-7521 which contains information about PKCS#11 on z/OS.

Online documentation and samples

To download a copy of the documentation for the IBMPKCS11Impl provider, see the IBM Java PKCS 11 Implementation Provider online reference.In addition to this cross platform information, z/OS-specific information for IBMPKCS11Impl can be found in the z/OS IBMPKCS11Impl Guide.


For use of the PKCS#11 Implemenation Provider Support, your z/OS operating system must be z/OS V1R9 or above.

See z/OS IBMPKCS11Impl Guide for restrictions and other considerations.

Browse z/OS