Support User Manuals

IBM 2 Computer Hardware User Manual

Open as PDF

of 508

PKA_Symmetric_Key_Generate CCA Release 2.54

key_encrypting_key_identifier

The key_encrypting_key_identifier parameter is a pointer to a string variable

containing the key token or the key label of a key token in key storage with the

key-encrypting key used to encipher one generated-key copy for DES-based

key distribution.

RSA_public_key_identifier_length

The RSA_public_key_identifier_length parameter is a pointer to an integer

variable containing the number of bytes of data in the

RSA_public_key_identifier variable. The maximum size allowed is 2500 bytes.

RSA_public_key_identifier

The RSA_public_key_identifier parameter is a pointer to a string variable

containing a PKA96 RSA key-token with the RSA public-key of the remote

node that will import the exported key.

local_enciphered_key_identifier_length

The local_enciphered_key_identifier_length parameter is a pointer to an integer

variable containing the number of bytes of data in the

local_enciphered_key_identifier variable. The maximum size allowed is 2500.

However, this value should be 64 as in current CCA practice a DES key-token

or a key label is always a 64-byte structure.

local_enciphered_key_identifier

The local_enciphered_key_identifier parameter is a pointer to a string variable

containing either a key name or a key token. The control vector for the local

key is taken from the identified key token. On output, the generated key is

inserted into the identified key token.

On input, you must specify a token type consistent with your choice of local-key

encryption. If you specify IM or EX, you must specify an external key-token.

Otherwise, specify an internal key-token or a null key-token.

When PKCSOAEP, PKCS-1.2, or ZERO-PAD is specified, a null key-token can

be specified. In this case, a DATA key will be returned. For an internal key

(OP), a default DATA control-vector is returned in the key token. For an

external key (IM or EX), the control vector is set to null.

Keyword Meaning

Key length (optional use with PKCSOAEP, PKCS-1.2, and ZERO-PAD)

SINGLE

KEYLN8

Specifies that an exported DATA key should be single length.

This the default.

DOUBLE

KEYLN16

Specifies that an exported DATA key should be double length.

DES encipherment (optional use with PKCSOAEP, PKCS-1.2, and ZERO-PAD)

OP Enciphers one key copy with the symmetric master-key. This

is the default.

IM Enciphers one key copy using the IMPORTER

key-encrypting-key specified with the

key_encrypting_key_identifier parameter.

EX Enciphers one key copy using the EXPORTER

key-encrypting-key specified with the

key_encrypting_key_identifier parameter.

5-84 IBM 4758 CCA Basic Services, Release 2.54, February 2005

previous next