Parameters

z/OS Cryptographic Services ICSF Application Programmer's Guide

Parameters

z/OS Cryptographic Services ICSF Application Programmer's Guide
SA22-7522-16

return_code

Direction: Output

Type: Integer

The return code specifies the general result of the callable service. Appendix A. ICSF and TSS Return and Reason Codes lists the return codes.

reason_code

Direction: Output

Type: Integer

The reason code specifies the result of the callable service that is returned to the application program. Each return code has different reason codes that are assigned to it that indicate specific processing problems. Appendix A. ICSF and TSS Return and Reason Codes lists the reason codes.

exit_data_length

Direction: Input/Output

Type: Integer

The length of the data that is passed to the installation exit. The length can be from X'00000000' to X'7FFFFFFF' (2 gigabytes). The data is identified in the exit_data parameter.

exit_data

Direction: Input/Output

Type: String

The data that is passed to the installation exit.

rule_array_count

Direction: Input

Type: Integer

The number of keywords you supplied in the rule_array parameter. This value can be 1 or 2.

rule_array

Direction: Input

Type: String

A keyword that provides control information to the callable service. The keyword is left-justified in an 8-byte field and padded on the right with blanks.

Table 76. Keywords for PKA Encrypt
Keyword	Meaning
Formatting Method (required) specifies the method to use to format the key value prior to encryption.
PKCS-1.2	RSA DSI PKCS #1 block type 02 format will be used to format the supplied key value.
ZERO-PAD	The key value will be padded on the left with binary zeros to the length of the PKA key modulus. The exponent of the public key must be odd.
MRP	The key value will be padded on the left with binary zeros to the length of the PKA key modulus. The RSA public key may have an even or odd exponent. This keyword requires May 2004 or later version of Licensed Internal Code (LIC) or a z890. For PCICAs, the LIC code update is not required.
Key Rule (Optional)
KEYIDENT	This indicates that the value in the `keyvalue` field is the label of clear tokens in the CKDS. The `keyvalue_length` must be 64.

keyvalue_length

Direction: Input

Type: Integer

The length of the keyvalue parameter. The maximum field size is 512 bytes. The actual maximum size depends on the modulus length of PKA_key_identifier and the formatting method you specify in the rule_array parameter. When key rule KEYIDENT is specified, then the keyvalue_length parameter is required to be 64 bytes.

keyvalue

Direction: Input

Type: String

This field contains the supplied clear key value to be encrypted under the PKA_key_identifier. When key rule KEYIDENT is specified, the keyvalue parameter is assumed to contain a label for a valid CKDS clear key token.

data_structure_length

Direction: Input

Type: Integer

This value must be 0.

data_structure

Direction: Input

Type: String

This field is currently ignored.

PKA_key_identifier_length

Direction: Input

Type: Integer

The length of the PKA_key_identifier parameter. When the PKA_key_identifier is a key label, this field specifies the length of the label. The maximum size that you can specify is 3500 bytes.

PKA_key_identifier

Direction: Input

Type: String

The RSA public or private key token or the label of the RSA public or private key to be used to encrypt the supplied key value.

PKA_enciphered_keyvalue_length

Direction: Input/Output

Type: integer

The length of the PKA_enciphered_keyvalue parameter in bytes. The maximum size that you can specify is 512 bytes. On return, this field is updated with the actual length of PKA_enciphered_keyvalue.

This length should be the same as the modulus length of the PKA_key_identifier.

PKA_enciphered_keyvalue

Direction: Output

Type: String

This field contains the key value protected under an RSA public key. This byte-length string is left-justified within the PKA_enciphered_keyvalue parameter.

Notices | Terms of use | Support | Contact z/OS | zFavorites