Support User Manuals

IBM 2 Computer Hardware User Manual

Open as PDF

of 508

CCA Release 2.54 Master_Key_Distribution

Parameters

For the definitions of the return_code, reason_code, exit_data_length, and exit_data

parameters, see “Parameters Common to All Verbs” on page 1-11.

rule_array_count

The rule_array_count parameter is a pointer to an integer variable containing

the number of elements in the rule_array variable. The value must be one or

two for this verb.

rule_array

The rule_array parameter is a pointer to a string variable containing an array of

keywords. The keywords are eight bytes in length, and must be left-justified

and padded on the right with space characters. The rule_array keywords are

shown below:

share_index

The share_index parameter is a pointer to an integer variable containing the

index number of the share to be generated or received by the Coprocessor.

private_key_name

The private_key_name parameter is a pointer to a string variable containing the

name of the Coprocessor-retained private key used to sign the cloning

information (OBTAIN mode), or recover the cloning-information encrypting key

(INSTALL mode).

certifying_key_name

The certifying_key_name parameter is a pointer to a string variable containing

the name of the Coprocessor-retained public key used to verify the offered

certificate.

certificate_length

The certificate_length parameter is a pointer to an integer variable containing

the number of bytes of data in the certificate variable.

certificate

The certificate parameter is a pointer to a string variable containing the

public-key certificate that can be validated using the public key identified with

the certifying_key_name variable.

clone_info_encrypting_key_length

The clone_info_encrypting_key_length parameter is a pointer to an integer

variable containing the number of bytes of data in the

clone_info_encrypting_key variable.

Keyword Meaning

Operation (one required)

OBTAIN Generate and output a master-key share and other cloning

information.

INSTALL Receive a master-key share and other cloning information.

Master-key choice (one, optional)

SYM-MK Operate with the symmetric master-key registers.

ASYM-MK Operate with the asymmetric master-key registers.

Chapter 2. CCA Node-Management and Access-Control 2-57

previous next