IBM 2 Computer Hardware User Manual


 
Clear_Key_Import CCA Release 2.54
Clear_Key_Import (CSNBCKI)
Platform/
Product
OS/2 AIX Win NT/
2000
OS/400
IBM 4758-2/23 X X X X
The Clear_Key_Import verb enciphers a clear, single-length DES key under a
symmetric master-key. The resulting key is a DATA key because the service
requires that the resulting internal key-token have a DATA control-vector. You can
use this verb to create an internal key-token from a null key-token, or you can
update an existing internal DATA key-token with the enciphered value of the clear
key. (You can create other types of DES keys from clear-key information using the
Key_Part_Import verb.)
If the clear-key value does not have odd parity in the low-order bit of each byte, the
reason_code parameter presents a warning.
Also see the Multiple_Clear_Key_Import verb on page 5-71.
Restrictions
None
Format
CSNBCKI
return_code Output Integer
reason_code Output Integer
exit_data_length In/Output Integer
exit_data In/Output String exit_data_length bytes
clear_key Input String 8 bytes
target_key_identifier In/Output String 64 bytes
Parameters
For the definitions of the return_code, reason_code, exit_data_length, and exit_data
parameters, see “Parameters Common to All Verbs” on page 1-11.
clear_key
The clear_key parameter is a pointer to a string variable containing the clear
value of the DES key being imported as a DATA key. The key is to be
enciphered under the symmetric master-key. Although not required, the
low-order bit in each byte should provide odd parity for the other bits in the
byte.
target_key_identifier
The target_key_identifier parameter is a pointer to a string variable. If the key
token in application storage or key storage is null, then a DATA key-token
containing the encrypted clear-key replaces the null token. Otherwise, the
preexisting token must be a DATA key-token and the encrypted clear-key
replaces the existing key-value.
5-22 IBM 4758 CCA Basic Services, Release 2.54, February 2005