IBM 2 Computer Hardware User Manual


 
CCA Release 2.54
Key-Storage Records
Key storage exists as an online, Direct Access Storage Device (DASD)-resident
data set for the storage of key records. Key records contain a key label, space for
a key token, and control information. The stored key tokens are accessed using
the key label. DES and PKA key tokens are held in independent key storage data
sets.

For platforms other than OS/400, the first two records in key storage contain
key-storage control information that includes the key verification information for the
master key that is used to multiply-encipher the keys that are held in key storage.

Figure B-24 shows the format of the first record in the file header of the
key-storage file. This record contains the default master-key verification
pattern, and part of the file description.

Figure B-25 on page B-23 shows the format of the second record in the file
header of the key-storage file. This record contains the rest of the file
description for key storage.

For platforms other than OS/400, Figure B-26 on page B-23 shows the format of
both the DES and PKA records that contain key tokens. For the OS/400 platform,
the DES and PKA key tokens are held in distinct record formats.

Figure B-27 on page B-24 shows the format of the records in OS/400 DES
key-storage that contain key tokens.

Figure B-28 on page B-24 shows the format of the records in OS/400 PKA
key-storage that contain key tokens.
Appendix B. Data Structures B-21