Support User Manuals

IBM 2 Computer Hardware User Manual

Open as PDF

of 508

CCA Release 2.54 PKA_Symmetric_Key_Export

Parameters

For the definitions of the return_code, reason_code, exit_data_length, and exit_data

parameters, see “Parameters Common to All Verbs” on page 1-11.

rule_array_count

The rule_array_count parameter is a pointer to an integer variable containing

the number of elements in the rule_array variable. The value must be one for

this verb.

rule_array

The rule_array parameter is a pointer to a string variable containing an array of

keywords. The keywords are eight bytes in length, and must be left-justified

and padded on the right with space characters. The rule_array keywords are

shown below:

source_key_identifier_length

The source_key_identifier_length parameter is a pointer to an integer variable

containing the number of bytes of data in the source_key_identifier variable.

The maximum size allowed is 2500 bytes.

source_key_identifier

The source_key_identifier parameter is a pointer to a string variable containing

either an operational key-token or the key label of an operational key-token to

be exported. The associated control-vector must permit the key to be exported.

RSA_public_key_token_length

The RSA_public_key_token_length parameter is a pointer to an integer variable

containing the number of bytes of data in the RSA_public_key_token variable.

The maximum size allowed is 2500 bytes.

RSA_public_key_token

The RSA_public_key_token parameter is a pointer to a string variable

containing a PKA96 RSA key-token with the RSA public-key of the remote

node that is to import the exported key.

RSA_enciphered_key_length

The RSA_enciphered_key_length parameter is a pointer to an integer variable

containing the number of bytes of data in the RSA_enciphered_key variable.

On output, the variable is updated with the actual length of the

RSA_enciphered_key variable. The maximum size allowed is 2500 bytes.

Keyword Meaning

Key-formatting method (one required)

PKCSOAEP Specifies that a DES (or CDMF) DATA-key can be exported

using the formatting method found in RSA DSI PKCS#1-v2.0

RSAES-OAEP documentation.

PKCS-1.2 Specifies that a DES (or CDMF) DATA-key can be exported

using the formatting method following the rules defined in the

RSA Laboratories PKCS#1 v2.0 RSAES-PKCS1-v1_5

specification.

ZERO-PAD Specifies that a DES (or CDMF) DATA-key can be exported

with the key value padded on the left with bits valued to zero.

Chapter 5. DES Key-Management 5-79

previous next