Filter
Top Products
CCA Release 2.54 PKA_Key_Import
PKA_Key_Import (CSNDPKI)
Platform/
Product
OS/2 AIX Win NT/
2000
OS/400
IBM 4758-2/23 X X X X
The PKA_Key_Import verb is used to import a public-private key-pair. A private
key must be accompanied by the associated public key. A source private-key may
be in the clear or it may be enciphered.
Generally you obtain the key token from the PKA_Key_Generate verb. If the key
originates in a non-CCA system, you can use the PKA_Key_Token_Build verb to
create the source_key_token.
The verb will decipher the private key using the DES IMPORTER key identified by
the transport_key_identifier when the source private-key is enciphered.
Imported keys are returned in an internal target_key_identifier with the private key
enciphered by the asymmetric master-key.
Restrictions
Not all IBM implementations of this verb may support an optimized form of the
RSA private-key. Check the product-specific literature. The IBM 4758 product
family implementation supports an optimized RSA private key (a key in
“Chinese Remainder” form).
With Version 2, a clear, external RSA private-key in modulus-exponent format
is presented in a key section type X'02'. When imported, the enciphered
private-key is returned in a X'06' type private-key key-token section.
Not all IBM implementations of this verb support the use of a key label with the
target-key identifier. Check the product-specific literature.
Format
CSNDPKI
return_code Output Integer
reason_code Output Integer
exit_data_length In/Output Integer
exit_data In/Output String exit_data_length bytes
rule_array_count Input Integer zero
rule_array Input String
array
rule_array_count * 8 bytes
source_key_token_length Input Integer
source_key_token Input String source_key_token_length
bytes
transport_key_identifier Input String 64 bytes
target_key_identifier_length In/Output Integer
target_key_identifier In/Output String target_key_identifier_length
bytes
Chapter 3. RSA Key-Management 3-11