Filter
Top Products
CCA Release 2.54
– Section identifier X'05' for a CRT-format key up to 1024 bits is accepted
as input.
A public-key section (RSA section identifier X'04', see Figure B-13 on
page B-16) see Figure B-13 on page B-16)
An optional key-name section (section identifier X'10', see Figure B-14 on
page B-16)
For internal key-tokens with private keys in X'02' or X'05' sections, a
private-key blinding section (section identifier X'FF', see Figure B-22 on
page B-20)
An optional certificate(s) section (section identifier X'40' with subsidiary
sections, see Figure B-15 on page B-17).
The key tokens can be built with the PKA_Key_Token_Build verb.
PKA Key-Token Integrity
If the token contains private key information, then the integrity of the information
within the token can be verified by computing and comparing the SHA-1 hash
values that are found in the private-key sections (portions of the key token). The
SHA-1 hash value at offset four within the private-key section requires access to
the cleartext values of the private-key components. The cryptographic engine will
verify this hash quantity whenever it retrieves the secret key for productive use.
A second SHA-1 hash value is located at offset 30 within the private key section.
This hash value is computed on optional, designated key-token information
following the public-key section. The value of this SHA-1 hash is included in the
computation of the hash at offset four. As with the offset-four hash value, the hash
at offset 30 is validated whenever a private key is recovered from the token for
productive use.
In addition to the hash checks, various token format and content checks are
performed to validate the key values.
The optional private-key name section can be used by access monitor systems (for
example, RACF) to ensure that the application program is entitled to employ the
particular private key.
Number Representation in PKA Key-Tokens
1. All length fields are in binary.
2. All binary fields (exponents, lengths, and so forth) are stored with the
high-order byte first (left, low-address, S/390 format); thus the least significant
bits are to the right and preceded with zero-bits to the width of a field.
3. In variable-length binary fields that have an associated field-length value,
leading bytes that would contain X'00' can be dropped and the field shortened
to contain only the significant bits.
B-8 IBM 4758 CCA Basic Services, Release 2.54, February 2005