z/OS Cryptographic Services ICSF Application Programmer's Guide
Previous topic | Next topic | Contents | Index | Contact z/OS | Library | PDF


ICSF Triple DES via BSAFE

z/OS Cryptographic Services ICSF Application Programmer's Guide
SA22-7522-16

ICSF performs single, double, or triple DES depending on the length of the DES key; if you're using BSAFE to access ICSF triple DES, you should use the algorithm methods AM_TOKEN_DES_CBC_ENCRYPT and AM_TOKEN_DES_CBC_DECRYPT.

If you've already have an ICSF token, follow the instructions in the section titled Using the BSAFE KI_TOKEN.

If you're using a clear key, follow the same procedure, except use your clear key padded on the right with binary zeroes to a length of 64 as the internalKeyInfo part of your KI_TOKEN_INFO. ICSF will convert your clear key to an internal ICSF key token.

Here's an example:

 B_KEY_OBJ desKey = (B_KEY_OBJ)NULL_PTR;
 KEY_TOKEN_INFO myTokenInfo;
 unsigned char myToken[64] = {0};
 unsigned char * myTokenP;
 unsigned char myDoubleKey[16];   /* Input to this function  *
 unsigned char mfgID[] = "com.ibm.CCADES";
 unsigned char * mfgIDP;
     .
     .
     .
 myTokenP = myToken;
 mfgIDP = mfgID;
 T_memcpy(myToken,myDoubleKey,sizeof(myDoubleKey));
 myTokenInfo.manufacturerID.len = strlen(mfgID);
 myTokenInfo.manufacturerID.data = mfgIDP;
 myTokenInfo.internalKeyInfo.len = sizeof(myToken);
 myTokenInfo.internalKeyInfo.data = myTokenP;

 /*  Create a key object. */
 if ((status = B_CreateKeyObject (&desKey)) != 0)
    break;

 /*  Set the key object.  */
 if ((status = B_SetKeyInfo
    (desKey, KI_TOKEN, myTokenInfo )) != 0)
   break;
     .
     .
     .

Go to the previous page Go to the next page

Notices | Terms of use | Support | Contact z/OS | zFavorites



Copyright IBM Corporation 1990, 2014