========================================================
-----Original Message-----
From: "Paul Gilmartin" <[EMAIL PROTECTED]>
Sent: 6/11/2005 10:48 AM
To: "IBM-MAIN@BAMA.UA.EDU" <IBM-MAIN@BAMA.UA.EDU>
Subject: Re: Encryption
In a recent note, Bruce Black said:
> Date: Fri, 10 Jun 2005 10:49:53 -0400
>
> The new instructions which invoke the z890/z990 cryptographic
> co-processor are documented in the latest PoPs.
>
Ummm. The best I can find is:
Linkname: CONTENTS "z/Architecture Principles of Operation" IBM Library
Server
URL: http://publibz.boulder.ibm.com/cgi-bin/bookmgr_OS390/BOOKS/DZ9ZR003
Title: z/Architecture Principles of Operation
Document Number: SA22-7832-03
Build Date: 05/04/04 12:13:20 Build Version: 1.3.1 of BUILD/VM
Version: UG03935 DropDate: Thursday August 8, 2003
Book Path: /home/webapps/epubs/htdocs/book/dz9zr003.boo
with:
# 2.3.7 "z/Architecture Principles of Operation"
___________________________________________________________________
2.3.7 Cryptographic Facility
Depending on the model, an integrated cryptographic facility may be
provided as an extension of the CPU. When the cryptographic facility is
provided on a CPU, it functions as an integral part of that CPU. A
summary of the benefits of the cryptographic facility is given on page
1.3; the facility is otherwise not described.
And, irritatingly the "Hardware" link on:
Linkname: IBM: z/OS Internet Library - Technical documentation and
literature for the z/OS platform
URL: http://www-1.ibm.com/servers/eserver/zseries/zos/bkserv/
... takes me to S/390 hardware.
-- gil
--
StorageTek
INFORMATION made POWERFUL
========================================================
The original encryption instructions for the ICRF were
supervisor state only. They provided single cipher, chained
cipher, and various PIN and message authentication
verification. IBM chose not to document the instructions
for various reasons, including reserving the freedom
to change the specifications. Only the software ICSF used
the machine instructions, so changing the ICRF specifications
would only affect the software in the ICSF.
I wrote ICRF emulation code for the Amdahl 5990 using
the IBM internal documentation (TIDA) that Amdahl had
to buy from IBM. The entire ICRF hardware is somewhat
daunting with very complex algorithms.
The ciphering instructions have been copied to new opcodes
and made available for problem state. The original opcodes for
the supervisor state instructions will likely go away after
a time and the opcodes will be recycled for something else.
Opcode real estate is still very valuable, so it will make
sense to reuse the obsolete undocumented opcodes for newer
features.
btw: The original chained ciphering was the first instruction
that I noticed that had the "come up for air" condition code
that ends the operation early. It was condition code 2.
Now, IBM seems to have standardized on using condition
code 3 for "come up for air" early end. Much better IMHO.
Jeffrey D. Smith
Farsight Systems Corporation
24 BURLINGTON DR
LONGMONT, CO 80501
303-774-9381
http://www.farsight-systems.com
----------------------------------------------------------------------
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html
