IBM 2 Computer Hardware User Manual


 
Data_Key_Import CCA Release 2.54
Restrictions
Starting with Release 2.41, unless you enable the Unrestrict Data Key Import
command (offset X'027C'), an IMPORTER transport key having replicated
key-halves is not permitted to import a key having unequal key-halves. (Note that
key parity bits are ignored.)
Format
CSNBDKM
return_code Output Integer
reason_code Output Integer
exit_data_length In/Output Integer
exit_data In/Output String exit_data_length bytes
source_key_token Input String 64 bytes
importer_key_identifier Input String 64 bytes
target_key_identifier In/Output String 64 bytes
Parameters
For the definitions of the return_code, reason_code, exit_data_length, and exit_data
parameters, see “Parameters Common to All Verbs” on page 1-11.
source_key_token
The source_key_token parameter is a pointer to a string variable containing the
external key-token to be imported. Only a DATA key can be imported.
importer_key_identifier
The importer_key_identifier parameter is a pointer to a string variable
containing the (IMPORTER) transport key or the key label of the (IMPORTER)
transport key used to decipher the source key.
target_key_identifier
The target_key_identifier parameter is a pointer to a string variable containing a
null key-token, an internal key-token, or the key label of an internal key-token
or null key-token record in key storage. The key token receives the imported
key.
Required Commands
The Data_Key_Import verb requires the Data Key Import command (offset
X'0109') to be enabled in the active role.
By also specifying the Unrestrict Data Key Import command (offset X'027C'), you
can permit a less secure mode of operation that enables an equal key-halves
IMPORTER key-encrypting-key to import a key having unequal key-halves (key
parity bits are ignored).
5-34 IBM 4758 CCA Basic Services, Release 2.54, February 2005