Filter
Top Products
Revision History CCA Release 2.54
The PKA_Symmetric_Key_Export, PKA_Symmetric_Key_Generate, and
PKA_Symmetric_Key_Import verbs are updated to include support of the
“OAEP” key-wrapping technique as specified in the RSA PKCS#1-v2.0
specification.
The action associated with the derivation-counter in control vector bits 12-14 in
the Diversified_Key_Generate verb when using the TDES-ENC and TDES-DEC
keywords is described on page 5-37.
Weak-key checking in the Master_Key_Process verb is corrected. Note that
obtaining a weak key from a random process is an incredibly rare event.
The Key_Test verb is updated to correctly process the ENC-ZERO method in
all cases.
The RSA key token format descriptions have updated and corrected
information, see “RSA PKA Key-Tokens” on page B-6. The blinding
information fields are removed from the description of private key section types
X'06' and X'08'. This information is not required since blinding is not used
due to the electronic design of the IBM 4758 Models 002 and 023
Coprocessors.
Control vector user-definition bits 4 and 5 are reserved for use by User Defined
Extension code (UDX) and are not tested or set by the standard CCA product.
Bit 61 will prevent the standard CCA implementation from actively using a key,
however, a key with this control vector can be generated, exported, and
imported. See C-11.
Corrected checking of the old-DES-master-key when updating master keys.
Corrected the Transaction_Validation verb when encountering lower-case rule
array keywords.
Corrected initialization of CCA within the Coprocessor so that in a
multi-Coprocessor installation the host system will only attempt to access
CCA-initialized Coprocessors.
Corrected the processing of a version 0 external private key token.
Corrected the Encrypted_PIN_Translate PIN extraction process to use the
input-PIN-profile specified extraction method (rather than a method specified in
the output profile).
Corrected the PKA_Symmetric_Key_Import verb when processing
double-length keys using the ZERO-PAD option.
Sixth Edition, CCA Support Program, Release 2.30/2.31
This is the sixth edition of the IBM 4758 CCA Basic Services Reference and Guide
Version 2.31 for the IBM 4758 Models 002 and 023 technology and describes the
Common Cryptographic Architecture (CCA) application programming interface (API)
that is supported by the CCA Support Program, Release 2.30/2.31, for the IBM PCI
Cryptographic Coprocessor technology.
There are no major items changed, extended, or added in Release 2.31.
xx IBM 4758 CCA Basic Services, Release 2.54, February 2005