PKA_Symmetric_Key_Export CCA Release 2.54
PKA_Symmetric_Key_Export (CSNDSYX)
Platform/
Product
OS/2 AIX Win NT/
2000
OS/400
IBM 4758-2/23 X X X X
The PKA_Symmetric_Key_Export verb enciphers a symmetric DES or CDMF
default DATA-key using an RSA public key.
Specify the symmetric key to be exported, the exporting RSA public-key, and a
rule-array keyword to define the key-formatting method. The DATA control-vector
must have the default value for a single-length or a double-length key as listed in
Figure C-2 on page C-3.
Choose a key-formatting method through a rule array keyword specification. The
formatted key is then enciphered (wrapped) using the supplied public key.
Formatting options:
PKCSOAEP The PKCSOAEP keyword specifies to format a single-length or
double-length DATA key (or CDMF key) according to the method described in
the RSA DSI PKCS#1-v2.0 documentation for RSAES-OAEP. See “PKCS #1
Formats” on page D-19.
PKCS-1.2 The PKCS-1.2 keyword specifies to format a single-length or
double-length DATA key (or CDMF key) according to the method described in
the RSA DSI PKCS #1 documentation for block type 2. In the RSA PKCS #1
v2.0 standard, RSA terminology describes this as the RSAES-PKCS1-v1_5
format. See “PKCS #1 Formats” on page D-19.
ZERO-PAD The ZERO-PAD keyword specifies to format a single-length or
double-length DATA key (or CDMF key) by padding the key value to the left
with bits valued to zero.
Restrictions
The RSA public-key modulus size (key size) is limited by the Function Control
Vector to accommodate potential governmental export and import regulations.
You can only export a default DATA-key with this verb.
Format
CSNDSYX
return_code Output Integer
reason_code Output Integer
exit_data_length In/Output Integer
exit_data In/Output String exit_data_length bytes
rule_array_count Input Integer one
rule_array Input String
array
rule_array_count * 8 bytes
source_key_identifier_length Input Integer
source_key_identifier Input String source_key_identifier_length
bytes
RSA_public_key_token_length Input Integer
RSA_public_key_token Input String RSA_public_key_identifier_length
bytes
RSA_enciphered_key_length In/Output Integer
RSA_enciphered_key Output String RSA_enciphered_key_length
bytes
5-78 IBM 4758 CCA Basic Services, Release 2.54, February 2005