Support User Manuals

IBM 2 Computer Hardware User Manual

Open as PDF

of 508

Diversified_Key_Generate CCA Release 2.54

 Returns the diversified key, multiply-enciphered by the master key modified by

the control vector.

Restrictions

The TDES-XOR rule-array keyword is available starting with Release 2.50. The

TDESEMV2 and TDESEMV4 rule-array keywords are available starting with

Release 2.51.

Format

CSNBDKG

return_code Output Integer

reason_code Output Integer

exit_data_length In/Output Integer

exit_data In/Output String exit_data_length bytes

rule_array_count Input Integer one

rule_array Input String

array

rule_array_count * 8 bytes

generating_key_identifier In/Output String 64 bytes

data_length Input Integer

data Input String data_length bytes

data_decrypting_key_identifier In/Output String 64 bytes

generated_key_identifier In/Output String 64 bytes

Parameters

For the definitions of the return_code, reason_code, exit_data_length, and exit_data

parameters, see “Parameters Common to All Verbs” on page 1-11.

rule_array_count

The rule_array_count parameter is a pointer to an integer variable containing

the number of elements in the rule_array variable. The value must be one for

this verb.

rule_array

The rule_array parameter is a pointer to a string variable containing an array of

keywords. The keywords are eight bytes in length, and must be left-justified

and padded on the right with space characters. The rule_array keywords are

shown below:

Keyword Meaning

Process rule (required)

CLR8-ENC Specifies that eight bytes of clear (not encrypted) data shall

be triple-DES encrypted with the generating key to create

generated key. The encryption process is like that shown in

Figure C-4 on page C-13 for a single-length key with a

control vector valued to binary zero.

The key selected by the generating_key_identifier must

specify a KEYGENKY key-type also with control vector bit 19

set to one.

The key identified by the data_decrypting_key_identifier must

identify a null key-token.

The key token identified by the generated_key_identifier

variable must contain a control vector that specifies a

single-length key of one of these types: DATA, CIPHER,

ENCIPHER, DECIPHER, MAC, or MACVER.

5-36 IBM 4758 CCA Basic Services, Release 2.54, February 2005

previous next