Filter
Top Products
CCA Release 2.54 Key_Generate
Format
CSNBKGN
return_code Output Integer
reason_code Output Integer
exit_data_length In/Output Integer
exit_data In/Output String exit_data_length bytes
key_form Input String 4 bytes
key_length Input String 8 bytes
key_type_1 Input String 8 bytes
key_type_2 Input String 8 bytes
KEK_key_identifier_1 Input String 64 bytes
KEK_key_identifier_2 Input String 64 bytes
generated_key_identifier_1 In/Output String 64 bytes
generated_key_identifier_2 In/Output String 64 bytes
Parameters
For the definitions of the return_code, reason_code, exit_data_length, and exit_data
parameters, see “Parameters Common to All Verbs” on page 1-11.
key_form
The key_form parameter is a pointer to a string variable containing the keyword
that defines whether one or two copies of the key will be generated, and the
type of key-encrypting key used to encipher the key. The keyword is four
characters in length, and must be left-justified and padded on the right with
space characters.
When you want a copy of the new key to be immediately useful at the local
node, ask for an operational (OP) key. An OP key is enciphered by the
master key.
When you want a copy of the new key to be imported to the local node at a
later time, specify an importable (IM) key. An IM key is enciphered by an
IMPORTER key type at the generating node.
When you want to distribute the generated key to another node or nodes,
specify an exportable (EX) key. An EX key is enciphered by an
EXPORTER key type at the generating node.
Specify one of the following keywords for the key_form variable:
OP One key for operational use.
IM One key to be imported later to this node.
EX One key for distribution to another node.
OPOP Two copies of the generated key, normally with different control
vector values.
OPIM Two copies of the generated key, normally with different control
vector values; one for use now, one for later importation.
OPEX Two copies of the generated key, normally with different control
vector values; one for local use and the other for use at a remote
node.
IMIM Two copies of the generated key, normally with different control
vector values; to be imported later to the local node.
IMEX Two copies of the generated key, normally with different control
vector values; one to be imported later to the local node and the
other for a remote node.
EXEX Two copies of the generated key, sometimes with different control
vector values; to be sent to two different remote nodes. No copy of
the generated key will be available to the local node.
Chapter 5. DES Key-Management 5-45