- return_code
-
Direction: Output | Type: Integer |
The return code specifies the general result of the callable
service. Appendix A. ICSF and TSS Return and Reason Codes lists the return codes.
- reason_code
-
Direction: Output | Type: Integer |
The reason code specifies the result of the callable service
that is returned to the application program. Each return code has
different reason codes that indicate specific processing problems. Appendix A. ICSF and TSS Return and Reason Codes lists the reason codes.
- exit_data_length
-
Direction: Input/Output | Type: Integer |
The length of the data that is passed to the installation
exit. The length can be from X'00000000' to X'7FFFFFFF' (2 gigabytes).
The data is identified in the exit_data parameter.
- exit_data
-
Direction: Input/Output | Type: String |
The data that is passed to the installation exit.
- rule_array_count
-
Direction: Input | Type: Integer |
The number of keywords you supplied in the rule_array parameter.
The value may be 2 or 3.
- rule_array
-
Direction: Input | Type: String |
Keywords that provide control information to the callable
service. The following table lists the keywords. Each keyword is left-justified
in 8-byte fields and padded on the right with blanks. All keywords
must be in contiguous storage.
Table 146. Keywords for HMAC Verify Control InformationKeyword | Meaning |
---|
Token algorithm (One required) |
HMAC | Specifies the HMAC algorithm to be
used to verify the MAC. |
Hash
method (One required) |
SHA-1 | Specifies the FIPS-198 HMAC procedure using
the SHA-1 hash method, a symmetric key and text to produce a 20-byte
(160-bit) MAC. |
SHA-224 | Specifies the FIPS-198 HMAC procedure using
the SHA-224 hash method, a symmetric key and text to produce a 28-byte
(224-bit) MAC. |
SHA-256 | Specifies the FIPS-198 HMAC procedure using
the SHA-256 hash method, a symmetric key and text to produce a 32-byte
(256-bit) MAC. |
SHA-384 | Specifies the FIPS-198 HMAC procedure using
the SHA-384 hash method, a symmetric key and text to produce a 48-byte
(384-bit) MAC. |
SHA-512 | Specifies the FIPS-198 HMAC procedure using
the SHA-512 hash method, a symmetric key and text to produce a 64-byte
(512-bit) MAC. |
Segmenting
Control (optional) |
FIRST | First call, this is the first segment of data
from the application program. |
LAST | Last call; this is the last data segment. |
MIDDLE | Middle call; this is an intermediate data segment. |
ONLY | Only call; segmenting is not employed by the
application program. This is the default value. |
- key_identifier_length
-
Direction: Input | Type: Integer |
The length of the key_identifier parameter. The
maximum value is 725.
- key_identifier
-
Direction: Input/Output | Type: String |
The 64-byte label or internal token of an encrypted
HMAC or HMACVER key.
- text_length
-
Direction: Input | Type: Integer |
The length of the text you supply in the text parameter.
The maximum length of text is 214783647 bytes. For FIRST
and MIDDLE calls, the text_length must be a multiple of 64
for SHA-1, SHA-224 and SHA-256 and a multiple of 128 for SHA-384 and
SHA-512 hash methods.
- text
-
Direction: Input | Type: String |
The application-supplied text for which the MAC is generated.
- chaining_vector_length
-
Direction: Input/Output | Type: Integer |
The length of the chaining_vector in bytes. The
value must be 128 bytes.
- chaining_vector
-
Direction: Input/Output | Type: String |
An 128-byte string that ICSF uses as a system work area.
Your application program must not change the data in this string.
The chaining vector permits data to be chained from one invocation
call to another.
On the first call, initialize this parameter
as binary zeros.
- mac_length
-
Direction: Input | Type: Integer |
The length of the mac parameter in bytes. The
maximum value is 64.
- mac
-
Direction: Input | Type: String |
The field that contains the MAC value you want to verify.
- text_id_in
-
Direction: Input | Type: Integer |
For CSNBHMV1 only, the ALET of the text for which the MAC
is generated.