CCA Release 2.54 PKA_Symmetric_Key_Export
Parameters
For the definitions of the return_code, reason_code, exit_data_length, and exit_data
parameters, see “Parameters Common to All Verbs” on page 1-11.
rule_array_count
The rule_array_count parameter is a pointer to an integer variable containing
the number of elements in the rule_array variable. The value must be one for
this verb.
rule_array
The rule_array parameter is a pointer to a string variable containing an array of
keywords. The keywords are eight bytes in length, and must be left-justified
and padded on the right with space characters. The rule_array keywords are
shown below:
source_key_identifier_length
The source_key_identifier_length parameter is a pointer to an integer variable
containing the number of bytes of data in the source_key_identifier variable.
The maximum size allowed is 2500 bytes.
source_key_identifier
The source_key_identifier parameter is a pointer to a string variable containing
either an operational key-token or the key label of an operational key-token to
be exported. The associated control-vector must permit the key to be exported.
RSA_public_key_token_length
The RSA_public_key_token_length parameter is a pointer to an integer variable
containing the number of bytes of data in the RSA_public_key_token variable.
The maximum size allowed is 2500 bytes.
RSA_public_key_token
The RSA_public_key_token parameter is a pointer to a string variable
containing a PKA96 RSA key-token with the RSA public-key of the remote
node that is to import the exported key.
RSA_enciphered_key_length
The RSA_enciphered_key_length parameter is a pointer to an integer variable
containing the number of bytes of data in the RSA_enciphered_key variable.
On output, the variable is updated with the actual length of the
RSA_enciphered_key variable. The maximum size allowed is 2500 bytes.
Keyword Meaning
Key-formatting method (one required)
PKCSOAEP Specifies that a DES (or CDMF) DATA-key can be exported
using the formatting method found in RSA DSI PKCS#1-v2.0
RSAES-OAEP documentation.
PKCS-1.2 Specifies that a DES (or CDMF) DATA-key can be exported
using the formatting method following the rules defined in the
RSA Laboratories PKCS#1 v2.0 RSAES-PKCS1-v1_5
specification.
ZERO-PAD Specifies that a DES (or CDMF) DATA-key can be exported
with the key value padded on the left with bits valued to zero.
Chapter 5. DES Key-Management 5-79