IBM 2 Computer Hardware User Manual


 
MAC_Verify CCA Release 2.54
MAC_Verify (CSNBMVR)
Platform/
Product
OS/2 AIX Win NT/
2000
OS/400
IBM 4758-2/23 X X X X
The MAC_Verify verb verifies a message authentication code (MAC) for a text
string that you supply. For additional information about using the MAC generation
and verification verbs, see “Ensuring Data Integrity” on page 6-3.
Performance can be enhanced by aligning the start of the text variable on a
four-byte boundary.
You specify the message authentication code process through the choice of a
rule-array keyword. Note that there are defaults based on your use of a
single-length or double-length key.
X9.1-1
ANSI X9.9-1 procedure, by default when you supply a single-length key. This is
the same as ISO/IEC 9797-1, Algorithm 1.
X9.19OPT
ANSI X9.19 Optional Procedure, by default when you supply a double-length key.
This is the same as ISO/IEC 9797-1, Algorithm 3.
EMVMAC and EMVMACD
EMV authentication procedure.
4
The verb extends the text you supply with X'80'
and the minimum number (0...7) bytes of X'00' for the extended message to
become a multiple of 8 bytes in length. The MAC is computed based on ISO/IEC
9797-1, Algorithm 1 or 3 depending on key length. When specifying a
single-length key, use EMVMAC. When specifying a double-length key, use
EMVMACD.
Note: The EMV specification permits the MAC to be 4, 5, ..., 8 bytes in length.
This verb only supports MAC lengths of 4, 6, and 8 bytes.
You can specify any of these key types: DATA, DATAM, MAC, or MACVER.
Restrictions
The text_length variable must be at least eight bytes, and less than 32MB - 8
bytes, or less than 64MB - 8 bytes in the OS/400 environment.
Support for EMVMAC and EMVMACD begins with Release 2.51.
4
See the EMV 4.0 Book 2, Annex A.1.2, for information about this form of MAC verification.
6-14 IBM 4758 CCA Basic Services, Release 2.54, February 2005