Parameters

The parameters for CSNDSYI.

For the definitions of the return_code, reason_code, exit_data_length, and exit_data parameters, see Parameters common to all verbs.

rule_array_count
A pointer to an integer variable containing the number of elements in the rule_array variable. This value must be 1 - 5.
rule_array
The keyword that provides control information to the verb. The recovery method is the method to use to recover the symmetric key. The keyword is left-aligned in an 8-byte field and padded on the right with blanks. The rule_array keywords are described in Table 1.
Table 1. Keywords for Symmetric Key Import control information
Keyword Description
Algorithm (One, optional)
AES Export an AES key.
DES Export a DES key. This is the default.
Recovery method (One required)
PKA92 Specifies the key-encrypting key is encrypted under a PKA96 RSA public key according to the PKA92 formatting structure.
PKCSOAEP Specifies to use the method found in RSA DSI PKCS #1V2 OAEP. Supported by the DES and AES algorithms. The default hash method is SHA-1. Use the SHA-256 keyword for the SHA-256 hash method.
PKCS-1.2 Specifies the method found in RSA DSI PKCS #1 block type 02. In the RSA PKCS #1 v2.0 standard, RSA terminology describes this as the RSAES-PKCS1-v1_5 format. This method is deprecated and should not be used for any new development.
ZERO-PAD The clear key is right-aligned in the field provided, and the field is padded to the left with zeros up to the size of the RSA encryption block (which is the modulus length). This method is deprecated and should not be used for any new development.
Key-wrapping method (One, optional)
USECONFG This is the default. Specifies to wrap the key using the configuration setting for the default wrapping method. The default wrapping method configuration setting may be changed using the TKE. This keyword is ignored for AES keys.
WRAP-ENH Specifies to wrap the key using the legacy wrapping method. This keyword is ignored for AES keys.
WRAP-ECB Specifies to wrap the key using the enhanced wrapping method. Valid only for DES keys.
WRAPENH2 Specifies to wrap the key using the enhanced wrapping method and SHA-256. Valid only for TRIPLE or TRIPLE-O. This method requires CV bit 56 = B'1' (ENH-ONLY). This is the default for TRIPLE and TRIPLE-O.
WRAPENH3 Specifies to wrap the key using the enhanced wrapping method with TDES-CMAC and the SHA-256 hashing algorithm. This keyword sets CV bit 56 = B'1' (ENH-ONLY), which is required for the WRAPENH3 wrapping method.
Translation control (Optional) This is valid only with key-wrapping method WRAP-ENH or with USECONFG when the default wrapping method is WRAP-ENH. This option cannot be used on a key with a control vector valued to binary zeros.
ENH-ONLY Specifies to restrict the key from being wrapped with the legacy wrapping method after it has been wrapped with the enhanced wrapping method. Sets bit 56 (ENH-ONLY) of the control vector to B'1'.
Hash method (Optional). Valid only with keyword PKCSOAEP.
SHA-1 Specifies to use the SHA-1 hash method to calculate the OAEP message hash. This is the default.
SHA-256 Specifies to use the SHA-256 hash method to calculate the OAEP message hash.
RSA_enciphered_key_length
The length of the RSA_enciphered_key parameter. The maximum size is 3500 bytes.
RSA_enciphered_key
The key to import, protected under an RSA public key. The encrypted key is in the low-order bits (right-aligned) of a string whose length is the minimum number of bytes that can contain the encrypted key. This string is left-aligned within the RSA_enciphered_key parameter.
RSA_private_key_identifier_length
The length of the RSA_private_key_identifier parameter. When the RSA_private_key_identifier parameter is a key label, this field specifies the length of the label. The maximum size is 3500 bytes.
RSA_private_key_identifier
An internal RSA private key token or label whose corresponding public key protects the symmetric key.
target_key_identifier_length
The length of the target_key_identifier parameter. This field is updated with the actual length of the target_key_identifier that is generated. The maximum length is 3500 bytes.
target_key_identifier
This field contains the internal token of the imported symmetric key.

Except for PKA92 processing, this verb produces a DATA key token with a key of the same length as that contained in the imported token.

When the RSA_private_key_identifier is compliant-tagged, the key is imported as a compliant-tagged key token.
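
The rule_array constraints in Table 1 can be checked before the verb is called. The following is an added example, not IBM code: it lays out each keyword in its 8-byte blank-padded field, enforces the count of 1 - 5, one keyword per group, the required recovery method, and the PKCSOAEP and WRAP-ENH dependencies, and reports whether a deprecated recovery method was chosen. The function name, group ids and error codes are this example's own, and it does not call CSNDSYI.

```c
#include <stdio.h>
#include <string.h>
/* Group ids and error codes are this example's own names, not CCA values. */
enum { G_ALG, G_RECOVERY, G_WRAP, G_XLATE, G_HASH, G_COUNT };
enum { SYI_OK, SYI_BAD_COUNT, SYI_UNKNOWN, SYI_DUP_GROUP, SYI_NO_RECOVERY,
       SYI_HASH_NEEDS_OAEP, SYI_ENHONLY_WRAP };
/* Keywords of Table 1; the last field marks methods the table calls deprecated. */
static const struct { const char *kw; int group, deprecated; } KW[] = {
    {"AES", G_ALG, 0}, {"DES", G_ALG, 0},
    {"PKA92", G_RECOVERY, 0}, {"PKCSOAEP", G_RECOVERY, 0},
    {"PKCS-1.2", G_RECOVERY, 1}, {"ZERO-PAD", G_RECOVERY, 1},
    {"USECONFG", G_WRAP, 0}, {"WRAP-ENH", G_WRAP, 0}, {"WRAP-ECB", G_WRAP, 0},
    {"WRAPENH2", G_WRAP, 0}, {"WRAPENH3", G_WRAP, 0},
    {"ENH-ONLY", G_XLATE, 0}, {"SHA-1", G_HASH, 0}, {"SHA-256", G_HASH, 0},
};
#define NKW (sizeof KW / sizeof KW[0])

/* Writes n 8-byte, blank-padded fields (no NUL) to out and sets *deprecated.
   Returns SYI_OK or the first Table 1 rule the keyword list breaks. */
int syi_build_rule_array(const char *const *kws, int n, char *out, int *deprecated)
{
    const char *chosen[G_COUNT] = {0};
    *deprecated = 0;
    if (n < 1 || n > 5) return SYI_BAD_COUNT;
    for (int i = 0; i < n; i++) {
        size_t k = 0;
        while (k < NKW && strcmp(kws[i], KW[k].kw) != 0) k++;
        if (k == NKW) return SYI_UNKNOWN;
        if (chosen[KW[k].group]) return SYI_DUP_GROUP;  /* one per group */
        chosen[KW[k].group] = KW[k].kw;
        *deprecated |= KW[k].deprecated;
        memset(out + 8 * i, ' ', 8);                    /* pad with blanks */
        memcpy(out + 8 * i, KW[k].kw, strlen(KW[k].kw)); /* left-aligned */
    }
    if (!chosen[G_RECOVERY]) return SYI_NO_RECOVERY;
    if (chosen[G_HASH] && strcmp(chosen[G_RECOVERY], "PKCSOAEP") != 0)
        return SYI_HASH_NEEDS_OAEP;
    /* With USECONFG (or no wrap keyword) validity depends on the configured
       default wrapping method, which cannot be checked here. */
    if (chosen[G_XLATE] && chosen[G_WRAP] && strcmp(chosen[G_WRAP], "WRAP-ENH") != 0
        && strcmp(chosen[G_WRAP], "USECONFG") != 0)
        return SYI_ENHONLY_WRAP;
    return SYI_OK;
}

int main(void)
{
    const char *kws[] = {"AES", "PKCSOAEP", "SHA-256"};  /* constructed sample */
    char ra[40]; int dep, rc = syi_build_rule_array(kws, 3, ra, &dep);
    printf("rc=%d deprecated=%d rule_array=\"%.24s\"\n", rc, dep, ra);
    return rc;
}
```

A caller would pass the filled buffer as rule_array and n as rule_array_count, and can treat a nonzero deprecated flag as a policy violation for new development.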