Filter
Top Products
CCA Release 2.54 Diversified_Key_Generate
Keyword Meaning
TDES-ENC Specifies that 8 or 16 bytes of clear (not encrypted) data shall
be triple-DES encrypted with the generating key to create the
generated key. If the generated_key_identifier variable
specifies a single-length key, then 8 bytes of clear data is
triple-DES encrypted. If the generated_key_identifier variable
specifies a double-length key, then 16 bytes of clear data is
triple-DES encrypted in ECB mode.
The key selected by the generating_key_identifier must
specify a DKYGENKY key-type that has the appropriate
control vector usage bits (bits 19-22) set for the desired
generated key.
Control vector bits 12-14 binary encode the key-derivation
sequence level (DKYL7 down to DKYL0, see DKYGENKY on
page C-6). The final key is derived when bits 12 to 14 are
B'000'. The verb verifies the incremental relationship
between the value in generated_key_identifier control vector
and the generating_key_identifier control vector. Or in the
case when the generated_key_identifier is a null-token, the
appropriate counter value is placed into the output key-token.
The data_decrypting_key_identifier must identify a null
key-token.
A key token identified by the generated_key_identifier variable
that is not a null key-token must contain a control vector that
specifies a single-length or double-length key having a key
type consistent with the specification in bits 19-22 of the
generating key.
TDES-DEC Specifies that 8 or 16 bytes of clear (not encrypted) data shall
be triple-DES decrypted with the generating key to create the
generated key. If the generated_key_identifier variable
specifies a single-length key, then 8 bytes of clear data is
triple-DES decrypted. If the generated_key_identifier variable
specifies a double-length key, then 16 bytes of clear data is
triple-DES decrypted in ECB mode.
The key selected by the generating_key_identifier must
specify a DKYGENKY key-type that has the appropriate
control vector usage bits (bits 19-22) set for the desired
generated key.
Control vector bits 12-14 binary encode the key-derivation
sequence level (DKYL7 down to DKYL0, see DKYGENKY on
page C-6). The final key is derived when bits 12 to 14 are
B'000'. The verb verifies the incremental relationship
between the value in generated_key_identifier control vector
and the generating_key_identifier control vector. Or in the
case when the generated_key_identifier is a null-token, the
appropriate counter value is placed into the output key-token.
The data_decrypting_key_identifier must identify a null
key-token.
A key token identified by the generated_key_identifier variable
that is not a null key-token must contain a control vector that
specifies a single-length or double-length key having a key
type consistent with the specification in bits 19-22 of the
generating-key.
Chapter 5. DES Key-Management 5-37