IBM 2 Computer Hardware User Manual


 
CCA Release 2.54 Master_Key_Distribution
Parameters
For the definitions of the return_code, reason_code, exit_data_length, and exit_data
parameters, see “Parameters Common to All Verbs” on page 1-11.
rule_array_count
The rule_array_count parameter is a pointer to an integer variable containing
the number of elements in the rule_array variable. The value must be one or
two for this verb.
rule_array
The rule_array parameter is a pointer to a string variable containing an array of
keywords. The keywords are eight bytes in length, and must be left-justified
and padded on the right with space characters. The rule_array keywords are
shown below:
share_index
The share_index parameter is a pointer to an integer variable containing the
index number of the share to be generated or received by the Coprocessor.
private_key_name
The private_key_name parameter is a pointer to a string variable containing the
name of the Coprocessor-retained private key used to sign the cloning
information (OBTAIN mode), or recover the cloning-information encrypting key
(INSTALL mode).
certifying_key_name
The certifying_key_name parameter is a pointer to a string variable containing
the name of the Coprocessor-retained public key used to verify the offered
certificate.
certificate_length
The certificate_length parameter is a pointer to an integer variable containing
the number of bytes of data in the certificate variable.
certificate
The certificate parameter is a pointer to a string variable containing the
public-key certificate that can be validated using the public key identified with
the certifying_key_name variable.
clone_info_encrypting_key_length
The clone_info_encrypting_key_length parameter is a pointer to an integer
variable containing the number of bytes of data in the
clone_info_encrypting_key variable.
Keyword Meaning
Operation (one required)
OBTAIN Generate and output a master-key share and other cloning
information.
INSTALL Receive a master-key share and other cloning information.
Master-key choice (one, optional)
SYM-MK Operate with the symmetric master-key registers.
ASYM-MK Operate with the asymmetric master-key registers.
Chapter 2. CCA Node-Management and Access-Control 2-57