Key Part Import (CSNBKPI)

Before you use the Key Part Import verb for the first key part, you must use the Key Token Build or Key Token Build2 verb to create the internal key token into which the key will be imported. Subsequent key parts are combined with the first part in internal token form or as a label from the key storage file.

The preferred way to specify key parts is FIRST, ADD-PART, and COMPLETE in the rule_array. Only when the combined key parts have been marked as complete can the key token be used in any cryptographic operation. The partial key can be passed to the Key Token Change or Key Token Change2 verb for re-encipherment, in case building the key was started during a master key change operation. The partial key can be passed to the Key Token Parse verb, in order to discover how the key token was originally specified, if researching an old partial key. Partial keys can also be passed to the Key Test, Key Test2, and Key Test Extended verbs.

Key parts can also be specified as FIRST, MIDDLE, or LAST in the rule_array. ADD-PART or MIDDLE can be executed multiple times for as many key parts as necessary. Only when the LAST part has been combined can the key token be used in any other service.

New applications should employ the ADD-PART and COMPLETE keywords in lieu of the MIDDLE and LAST keywords in order to ensure a separation of responsibilities between someone who can add key-part information and someone who can declare that appropriate information has been accumulated in a key.

The Key Part Import verb can also be used to import a key without using key parts. Call the Key Part Import verb FIRST with key part value X'0000...' then call the Key Part Import verb LAST with the complete value.

Keys created using this service have odd parity. The FIRST key part is adjusted to odd parity. All subsequent key parts are adjusted to even parity before being combined.

This verb does not need to document any Usage notes.