I vaguely remember seeing references that IBM machines shipped to some countries are missing the cryptographic features due to export restrictions. Does anyone know if disablement of the cryptographic functions affects the SHA functions of the KIMD/KLMD instructions? Or can I assume that if the machine is a z9 or higher, the SHA-1 function at a minimum will be available?
Basically, if we require our software to be run on z9 or later hardware, can we ship software that uses KLMD with the SHA-1 function and not have it fail due to that function not being available? And no, I really don't want to dual path the code with my own implementation of SHA-1 when I can't use KLMD. Robert Ngan CSC Financial Services Group
