Key_Part_Import CCA Release 2.54
Key_Part_Import (CSNBKPI)
Platform/Product    OS/2    AIX    Win NT/2000    OS/400
IBM 4758-2/23       X       X      X              X

The Key_Part_Import verb is used to accumulate “parts” of a key and store the
result as an encrypted partial key or as the final key. Individual key-parts are
exclusive-ORed together to form the accumulated key.

On each call to Key_Part_Import (except COMPLETE, see below), specify 8 bytes
or 16 bytes of clear key-information based on the length of the key that you are
accumulating. Align an 8-byte clear key in the high-order bytes (leftmost bytes) of
a 16-byte field. Also specify an internal key-token in which the key information is
accumulated. The key token must include a control vector. The control vector
defines the length of the key, 8 or 16 bytes (single length or double length). The
control vector must have the KEY-PART bit set on. The verb returns the
accumulated key information as a master-key-encrypted value in the updated
key-token.

You can use the Key_Token_Build verb to create the internal key-token into which
the first key-part will be imported.

On each call to Key_Part_Import, also specify a rule-array keyword to define the
verb action: FIRST, MIDDLE, LAST, ADD-PART, or COMPLETE.

With the FIRST keyword, the verb ignores any key information present in the
input key-token. Each byte of the 8- or 16-byte key-part should have the
low-order bit set such that the byte has an odd number of one-bits; otherwise,
assuming no other problems, the verb will return reason code 2. Use of the
FIRST keyword requires that the Load First Key Part command be enabled in
the access-control system.

With the MIDDLE keyword, the verb exclusive-ORs the clear key-part with the
(internally decrypted) key value from the input key-token. Each byte of the 8-
or 16-byte key-part should have the low-order bit set such that the byte has an
even number of one-bits. If any byte in the updated key has an even number
of one-bits, and there are no other problems, the verb will return reason
code 2. Use of the MIDDLE keyword requires that the Combine Key Parts
command be enabled in the access-control system. The key-part bit remains
on in the control vector of the updated key token returned from the verb.

With the LAST keyword, the verb exclusive-ORs the clear key-part with the
(internally decrypted) key value in the input key-token. Each byte of the 8- or
16-byte key-part should have the low-order bit set such that the byte has an
even number of one-bits. If any byte in the updated key has an even number
of one-bits, and there are no other problems, the verb will return reason
code 2. This use of the LAST keyword requires that the Combine Key Parts
command be enabled in the access-control system. The key-part bit is set off
in the control vector of the updated key token returned from the verb.

With the ADD-PART keyword, the verb exclusive-ORs the clear key-part with
the (internally decrypted) key value in the input key-token. Each byte of the 8-
or 16-byte key-part should have the low-order bit set such that the byte has an
even number of one-bits. If any byte in the updated key has an even number
5-54 IBM 4758 CCA Basic Services, Release 2.54, February 2005
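
The accumulation and parity rules described above for FIRST, MIDDLE and LAST, as an added Python model; it is not IBM code and does not call CSNBKPI. The names `set_parity`, `odd_parity`, `key_part_import` and `ceremony` and the dict standing in for the key token are hypothetical, and returning an updated token together with reason code 2 is an assumption of the model.

```python
import secrets

REASON_PARITY = 2  # reason code the page gives for a parity problem

def set_parity(part: bytes, odd: bool) -> bytes:
    """Set each byte's low-order bit so its count of one-bits is odd (or even)."""
    out = bytearray()
    for b in part:
        high_ones = bin(b >> 1).count("1")  # one-bits in the 7 high-order bits
        low = (high_ones % 2 == 0) if odd else (high_ones % 2 == 1)
        out.append((b & 0xFE) | int(low))
    return bytes(out)

def odd_parity(data: bytes) -> bool:
    """True when every byte has an odd number of one-bits."""
    return all(bin(b).count("1") % 2 == 1 for b in data)

def key_part_import(rule: str, part: bytes, token: dict = None):
    """Model of FIRST / MIDDLE / LAST. Returns (reason_code, updated_token).
    The model keeps the key in the clear; the real token holds it
    encrypted under the master key."""
    if len(part) not in (8, 16):
        raise ValueError("key-part must be 8 or 16 bytes")
    if rule == "FIRST":
        key = part  # key information already in the token is ignored
    elif rule in ("MIDDLE", "LAST"):
        if token is None or not token["key_part"] or len(token["key"]) != len(part):
            raise ValueError("need a same-length token with the KEY-PART bit on")
        key = bytes(a ^ b for a, b in zip(token["key"], part))
    else:
        raise ValueError("rule not modelled: " + rule)
    reason = 0 if odd_parity(key) else REASON_PARITY
    return reason, {"key": key, "key_part": rule != "LAST"}  # LAST sets KEY-PART off

def ceremony(n_parts: int = 3, length: int = 16):
    """Constructed run: one odd-parity first part, then even-parity parts."""
    parts = [set_parity(secrets.token_bytes(length), odd=True)]
    parts += [set_parity(secrets.token_bytes(length), odd=False) for _ in range(n_parts - 1)]
    reason, token = key_part_import("FIRST", parts[0])
    codes = [reason]
    for i, part in enumerate(parts[1:], start=2):
        reason, token = key_part_import("LAST" if i == n_parts else "MIDDLE", part, token)
        codes.append(reason)
    return codes, token

if __name__ == "__main__":
    codes, token = ceremony()
    print(codes, token["key_part"], odd_parity(token["key"]))
```

An odd-parity first part XORed with even-parity later parts keeps every byte of the accumulated key at odd parity, which is why a later part prepared with odd parity produces reason code 2 in the model.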