Filter
Top Products
CCA Release 2.54
Selecting the Key-Half Processing Mode
The Control_Vector_Translate verb rule-array keywords determine which key halves
are processed in the verb call, as shown in Figure C-9.
Keyword SINGLE Keyword RIGHT Keyword BOTH Keyword LEFT
┌─────────┬─────────┐ ┌─────────┬─────────┐ ┌─────────┬─────────┐ ┌─────────┬─────────┐
Source Key │ LEFT │ RIGHT │ │ LEFT │ RIGHT │ │ LEFT │ RIGHT │ │ LEFT │CV-RIGHT │
└────┬────┴─────────┘ └────┬────┴────┬────┘ └────┬────┴────┬────┘ └────┬────┴──────┬──┘
│ │ │ │ │ ├───key───┐┘
┌────────┐ │ ┌────────┐ ┌────────┬────────┐ ┌────────┬────────┐
Process │CHANGE─CV│ Copy │CHANGE─CV│ │CHANGE─CV│CHANGE─CV│ │CHANGE─CV│CHANGE─CV│
└────┬────┘ │ └────┬────┘ └────┬────┴────┬────┘ └────┬────┴────┬────┘
│ (Unchanged) │ │ │ │ │ │
┌────────┬─────────┐ ┌────────┬────────┐ ┌────────┬────────┐ ┌────────┬────────┐
Target Key │ LEFT │ RIGHT │ │ LEFT │ RIGHT │ │ LEFT │ RIGHT │ │ LEFT │ RIGHT │
└─────────┴─────────┘ └─────────┴─────────┘ └─────────┴─────────┘ └─────────┴─────────┘
Figure C-9. Control_Vector_Translate Verb Process. In this figure, CHANGE-CV means the requested control
vector translation change; LEFT and RIGHT mean the left and right halves of a key and its control vector.
Keyword Meaning
SINGLE This keyword causes the control vector of the left half of the source
key to be changed. The updated key half is placed into the left half of
the target key in the target key token. The right half of the target key
is unchanged.
The SINGLE keyword is useful when processing a single-length key,
or when first processing the left half of a double-length key (to be
followed by processing the right half).
RIGHT This keyword causes the control vector of the right half of the source
key to be changed. The updated key half is placed into the right half
of the target key of the target key token. The left half of the source
key is copied unchanged into the left half of the target key in the
target key token.
BOTH This keyword causes the control vector of both halves of the source
key to be changed. The updated key is placed into the target key in
the target key token.
A single set of control information must permit the control vector
changes applied to each key half. Normally, control vector bit
positions 41, 42, 105, and 106 are different for each key half.
Therefore, set bits 41 and 42 to B'00' in mask array elements B
1
, B
2
,
and B
3
.
You can verify that the source and target key tokens have control
vectors with matching bits in bit positions 40-42 and 104-106, the
“form field” bits. Ensuring that bits 40-42 of mask array B
4
are set to
B'111'.
LEFT This keyword enables you to supply a single-length key and obtain a
double-length key. The source key token must contain:
The KEK-enciphered single-length key
The control vector for the single-length key (often this is a null
value)
A control vector, stored in the source token where the right-half
control vector is normally stored, used in decrypting the
single-length source key when the key is being processed for the
target right half of the key.
Appendix C. CCA Control-Vector Definitions and Key Encryption C-23