Variable-length symmetric key tokens

Table 1 shows the general format of the token version number X'05' key token.

Table 1 shows the format of the CIPHER variable-length symmetric key-token that can be used with the AES algorithm. An AES CIPHER key-token is used by the Symmetric_Algorithm_Decipher (CSNBSAD) and Symmetric_Algorithm_Encipher (CSNBSAE) verbs to decipher or encipher data with the AES algorithm.

Table 1 shows the format of the MAC variable-length symmetric key-token that can be used with the AES algorithm.

Table 1 shows the format of the MAC variable-length symmetric key-token that can be used with the HMAC algorithm. An HMAC MAC key-token is used by the HMAC_Generate (CSNBHMG) and HMAC_Verify (CSNBHMV) verbs to generate or verify keyed hash message authentication codes.

Table 1 shows the format of the EXPORTER and IMPORTER variable-length symmetric key tokens that can be used with the AES algorithm. An EXPORTER operational key-token is used by the Symmetric_Key_Export (CSNDSYX) verb to export an internal AES or HMAC variable-length symmetric key-token into an external variable-length symmetric key-token, either into an AESKW or PKOAEP2 wrapped payload. An IMPORTER operational key-token is used by the Symmetric_Key_Import2 (CSNDSYI2) verb to import an external AES or HMAC variable-length symmetric key-token, containing either an AESKW or PKOAEP2 wrapped payload, into an internal variable-length symmetric key-token.

Table 1 shows the format of the PINPROT, PINCALC, and PINPRW variable-length symmetric key tokens that can be used with the AES algorithm.

Table 1 shows the format of the DESUSECV variable-length symmetric key tokens that can be used with the AES algorithm.

Table 1 shows the format of the SECMSG variable-length symmetric key tokens that can be used with the AES algorithm.