The caller must have both the required key tokens and both Parties
identifiers including a randomly generated nonce. Combine the exchanged
nonce and Party Info into the party identifier. (Both parties must
combine this information in the same format.) Then call the ECC Diffie-Hellman
callable service. Specify a skeleton token or the label of a skeleton
token as the output key identifier as a container for the computed
symmetric key material. Note, both parties must specify the same
key type in their skeleton key tokens.
- Specify rule array keyword DERIV01 to denote the Static Unified
Model key agreement scheme.
- Specify an ECC token as the private key identifier containing
this party's ECC public-private key pair.
- Optionally specify a private KEK key identifier, if the key pair
is in an external key token.
- Specify an ECC token as the public key identifier containing other
party's ECC public key part.
- Specify a skeleton token as the output key identifier as a container
for the computed symmetric key material.
- Optionally specify an output KEK key identifier, if the output
key is to be in an external key token.
- Specify the combined party info (including nonce) as the party
identifier.
- Specify the desired size of the key to be derived (in bits) as
the key bit length.