- return_code
-
Direction: Output | Type: Integer |
The return code specifies the general result of the callable
service. Appendix A. ICSF and TSS Return and Reason Codes lists the return codes.
- reason_code
-
Direction: Output | Type: Integer |
The reason code specifies the result of the callable service
that is returned to the application program. Each return code has
different reason codes that are assigned to it that indicate specific
processing problems. Appendix A. ICSF and TSS Return and Reason Codes lists the reason
codes.
- exit_data_length
-
Direction: Input/Output | Type: Integer |
The length of the data that is passed to the installation
exit. The length can be from X'00000000' to X'7FFFFFFF' (2
gigabytes). The data is identified in the exit_data parameter.
- exit_data
-
Direction: Input/Output | Type: String |
The data that is passed to the installation exit.
- rule_array_count
-
Direction: Input | Type: Integer |
The number of keywords you supplied in the rule_array parameter.
This value can be 1 or 2.
- rule_array
-
Direction: Input | Type: String |
A keyword that provides control information to the callable
service. The keyword is left-justified in an 8-byte field and padded
on the right with blanks.
Table 76. Keywords for PKA EncryptKeyword | Meaning |
---|
Formatting Method (required) specifies the
method to use to format the key value prior to encryption. |
PKCS-1.2 | RSA DSI PKCS #1 block type 02 format
will be used to format the supplied key value. |
ZERO-PAD | The key value will be padded on the
left with binary zeros to the length of the PKA key modulus. The
exponent of the public key must be odd. |
MRP | The key value will be padded on the left with
binary zeros to the length of the PKA key modulus. The RSA public
key may have an even or odd exponent. This keyword requires May 2004 or later version of Licensed Internal Code (LIC) or a z890.
For
PCICAs, the LIC code update is not required. |
Key
Rule (Optional) |
KEYIDENT | This indicates that the value in the keyvalue field
is the label of clear tokens in the CKDS. The keyvalue_length must
be 64. |
- keyvalue_length
-
Direction: Input | Type: Integer |
The length of the keyvalue parameter. The maximum
field size is 512 bytes. The actual maximum size depends
on the modulus length of PKA_key_identifier and the
formatting method you specify in the rule_array parameter.
When key rule KEYIDENT is specified, then the keyvalue_length parameter
is required to be 64 bytes.
- keyvalue
-
Direction: Input | Type: String |
This field contains the supplied clear key value to be
encrypted under the PKA_key_identifier. When key rule
KEYIDENT is specified, the keyvalue parameter is assumed
to contain a label for a valid CKDS clear key token.
- data_structure_length
-
Direction: Input | Type: Integer |
This value must be 0.
- data_structure
-
Direction: Input | Type: String |
This field is currently ignored.
- PKA_key_identifier_length
-
Direction: Input | Type: Integer |
The length of the PKA_key_identifier parameter.
When the PKA_key_identifier is a key label, this field
specifies the length of the label. The maximum size that you can specify
is 3500 bytes.
- PKA_key_identifier
-
Direction: Input | Type: String |
The RSA public or private key token or the label of the
RSA public or private key to be used to encrypt the supplied key value.
- PKA_enciphered_keyvalue_length
-
Direction: Input/Output | Type: integer |
The length of the PKA_enciphered_keyvalue parameter
in bytes. The maximum size that you can specify is 512 bytes.
On return, this field is updated with the actual length of PKA_enciphered_keyvalue.
This
length should be the same as the modulus length of the PKA_key_identifier.
- PKA_enciphered_keyvalue
-
Direction: Output | Type: String |
This field contains the key value protected under an RSA
public key. This byte-length string is left-justified within the PKA_enciphered_keyvalue parameter.