Module Name
IBM® z/OS® Version 2 Release 1 Security Server RACF® Signature Verification Module [1], IBM® z/OS® Version 2 Release 2 Security Server RACF® Signature Verification Module [2], IBM® z/OS® Version 2 Release 3 Security Server RACF® Signature Verification Module [3] and IBM® z/OS® Version 2 Release 4 Security Server RACF® Signature Verification Module [4][5]
Security Level Exceptions
- Mitigation of Other Attacks: N/A
Module Type
Software-Hybrid
Embodiment
Multi-Chip Stand Alone
Description
The z/OS RACF Program Signature Verification package consists of the core module (IRRPVERS) that is utilized when verifying signed code as it is loaded as well as an auxiliary module responsible for driving the initialization of IRRPVERS. The RACF Program Signature Verification module consists of software-based cryptographic algorithms, as well as hashing algorithms provided by the CP Assist for Cryptographic Function (CPACF).
Tested Configuration(s)
- IBM z/OS Version 2 Release 1 running on an IBM z13 [1]
- IBM z/OS Version 2 Release 2 running on an IBM z13 [2]
- IBM z/OS Version 2 Release 3 running on an IBM z14 [3]
- IBM z/OS Version 2 Release 4 running on an IBM z14 [4]
- IBM z/OS Version 2 Release 4 running on an IBM z15 [5] (single-user mode)
Hardware Versions
FC 3863 EC N98775 Drv 22H [1], FC 3863 EC P00339 Drv D27I [2], FC 3863 EC P42601 Drv D32L [3], FC 3863 EC P42601 Drv D32L [4] and FC 3863 EC P46601 D41C [5]
Software Versions
RACF level HRF7790 [1], RACF level HRF77A0 [2], RACF level HRF77B0 [3] and RACF level HRF77C0 [4][5]