Filter
Top Products
CCA Release 2.54 Master_Key_Process
key_part
The key_part parameter is a pointer to a string variable containing a 168-bit
(3x56-bit, 24-byte) clear key-part that is used when you specify one of the
keywords FIRST, MIDDLE, or LAST
If you use the CLEAR, RANDOM, or SET keywords, the information in the
variable is ignored, but you must declare the variable.
Keyword Meaning
Master-key process (one required)
CLEAR Specifies to clear the new master-key register.
CLR-OLD Specifies to clear the old master-key register and set the
status for this register to empty.
You can use the CLR-OLD keyword to cause the old
master-key register to be cleared. The status response in the
Cryptographic_Facility_Query verb, STATCCA, shows the
condition of this register.
FIRST Specifies to load the first key_part.
MIDDLE Specifies to XOR the second, third, or other intermediate
key_part into the new master-key register.
LAST Specifies to XOR the last key_part into the new master-key
register.
RANDOM Causes generation of a random master-key value in the new
master-key register.
SET Specifies to advance the current master-key to the old
master-key register, to advance the new master-key to the
current master-key register, and to clear the new-master-key
register.
Required Commands
The Master_Key_Process verb requires the following commands to be enabled in
the hardware:
To process the symmetric master-keys, and also the asymmetric master-keys
when neither master-key set is specified:
– Clear New Master Key Register command (offset X'0032') with the
CLEAR keyword
– Clear Old Master Key Register command (offset X'0033') with the
CLR-OLD keyword
– Load First Master Key Part command (offset X'0018') with the FIRST
keyword
– Combine Master Key Parts command (offset X'0019') with the MIDDLE or
LAST keyword
– Generate Random Master Key command (offset X'0020') with the
RANDOM keyword
– Set Master Key command (offset X'001A') with the SET keyword.
To process the asymmetric master-keys:
– Clear New PKA Master Key Register command (offset X'0060') with the
CLEAR keyword
Chapter 2. CCA Node-Management and Access-Control 2-61