Support User Manuals

IBM 2 Computer Hardware User Manual

Open as PDF

of 508

PKA_Symmetric_Key_Import CCA Release 2.54

RSA_enciphered_key_length

The RSA_enciphered_key_length parameter is a pointer to an integer

containing the number of bytes of data in the RSA_enciphered_key variable.

The maximum size allowed is 2500 bytes.

RSA_enciphered_key

The RSA_enciphered_key parameter is a pointer to a string variable containing

the key being imported.

RSA_private_key_identifier_length

The RSA_private_key_identifier_length parameter is a pointer to an integer

variable containing the number of bytes of data in the

RSA_private_key_identifier variable. The maximum size allowed is 2500 bytes.

RSA_private_key_identifier

The RSA_private_key_identifier parameter is a pointer to a string variable

containing a key label or a PKA96 key-token with the internal RSA private-key

to be used to decipher the RSA-enciphered key.

target_key_identifier_length

The target_key_identifier_length parameter is a pointer to an integer variable

containing the number of bytes of data in the target_key_identifier variable. On

output, the value is updated with the actual length of the target_key_identifier

variable returned by the verb. The maximum size allowed is 2500 bytes.

target_key_identifier

The target_key_identifier parameter is a pointer to a string variable containing

either a key label, an internal key-token, or a null key-token. Any identified

internal key-token must contain a control vector that conforms to the

requirements of the key that is imported. For example, if the PKCS-1.2

keyword is used in the rule array, the key token must contain a default-value,

DATA control-vector. The imported key is returned in a key token identified

through this parameter.

Keyword Meaning

RSA key-encipherment method (one required)

PKCSOAEP Specifies the method found in RSA DSI PKCS#1-v2.0

RSAES-OAEP documentation.

PKCS-1.2 Specifies the method found in RSA DSI PKCS#1-v2.0

RSAES-PKCS1-v1_5 specification.

ZERO-PAD Specifies that a DES (or CDMF) DATA-key can be imported

with the key value padded from the left with bits valued to

zero.

PKA92 Specifies the PKA92 method of key encipherment for

key-encrypting keys.

Required Commands

The PKA_Symmetric_Key_Import verb requires these commands to be enabled in

the hardware for importing various key types:

 Symmetric Key Import PKCS-1.2/OAEP command (command offset X'0106')

for for DATA keys using the PKCSOAEP and PKCS-1.2 methods

5-88 IBM 4758 CCA Basic Services, Release 2.54, February 2005

previous next