z/OS Cryptographic Services ICSF Application Programmer's Guide
Previous topic | Next topic | Contents | Index | Contact z/OS | Library | PDF


Variable length token (AESKW method)

z/OS Cryptographic Services ICSF Application Programmer's Guide
SA22-7522-16

The wrapping method for the variable-length key tokens will be AESKW as defined in ANSI X9.102.

The wrapping of the payload of a variable length key (*K) using an AES *MK is defined as follows:

e*MK(*K) = eAESKW*MK(P)

P = ICV || Pad Length || Hash Length || Hash options || Data Hash || *K || Padding

Where:

  • ICV is the 6 byte constant 0xA6A6A6A6A6A6
  • Pad length is the length of the Padding in bits
  • Hash length is the length of the Data Hash in bytes
  • Hash options is a 4-byte field
  • Data Hash is the hash of the associated data block
  • Padding is the number of bytes, 0x00, to make of the overall length of P a multiple of 16
  • eAESKW means encryption using the AESKW method

Go to the previous page Go to the next page

Notices | Terms of use | Support | Contact z/OS | zFavorites



Copyright IBM Corporation 1990, 2014