Filter
Top Products
Diversified_Key_Generate CCA Release 2.54
generating_key_identifier
The generating_key_identifier parameter is a pointer to a string variable
containing the key-generating-key key-token or key label of a key-token record.
data_length
The data_length parameter is a pointer to an integer variable containing the
number of bytes of data in the data variable.
data
The data parameter is a pointer to a string variable containing the information
used in the key-generation process. This can be clear or encrypted information
based on the process rule specified in the rule array. Currently this variable
must contain clear data.
data_decrypting_key_identifier
The data_decrypting_key_identifier parameter is a pointer to a string variable
containing the data decrypting key-token or key label of a key-token record.
The specified process dictates the class of key. If the process rule does not
support encrypted data, point to a null key-token. Currently this variable must
contain a 64-byte null token.
generated_key_identifier
The generated_key_identifier parameter is a pointer to a string variable
containing the target internal key-token or the key label of the target key-token
record. Specify either an internal token or a skeleton token containing the
desired control vector of the generated key.
For the CLR8-ENC, TDESEMV2, TDESEMV4, and TDES-XOR processes,
a null token may not be specified
For the TDES-ENC or TDES-DEC processes, a null token may be specified
For the SESS-XOR process, a null token must be specified.
The generated key will be encrypted and returned in the specified token. The
control vector in the specified internal token must be suitable for the specified
process rule.
Required Commands
The Diversified_Key_Generate verb requires the following commands to be enabled
in the active role based on the keyword specified for the process rule:
When a key-generating key of key type DKYGENKY is specified with control vector
bits (19-22) of B'1111', the Generate Diversified Key (DALL with DKYGENKY key
type) command (offset X'0290') must also be enabled in the active role.
When using the TDES-ENC or TDES-DEC modes, you may specifically enable
generation of a single-length key or a double-length key with equal key-halves (an
Process Rule Command
Offset
Command
CLR8-ENC X'0040' Generate Diversified Key (CLR8-ENC)
SESS-XOR X'0043' Generate Diversified Key (SESS-XOR)
TDES-DEC X'0042' Generate Diversified Key (TDES-DEC)
TDES-ENC X'0041' Generate Diversified Key (TDES-ENC)
TDES-XOR X'0045' Generate Diversified Key (TDES-XOR)
TDESEMV2,
TDESEMV4
X'0046' Generate Diversified Key (TDESEMVn)
5-40 IBM 4758 CCA Basic Services, Release 2.54, February 2005