STATKPR
This keyword returns non-secret information about a particular named operational key part loaded by the TKE to the user.
The structures for various key types are given under section STATKPR output data. An appropriate name for an existing operational key part is expected to be provided as described in section STATKPR input data. If not, the error return code of 8 and a reason code of 1026 is be returned, meaning key name not found.
STATKPR input data
A 64-byte key name must be provided in the verb_data field, while the verb_data_length must be set to a value of 64.
The operational key name must exactly match the name returned by a call to STATKPRL.
STATKPR output data
- The fields are returned in the order given.
- Output data overwrites the input data in the verb_data field, and set the verb_data_length field to the output value.
- The verb_data_length parameter indicates the total size, at the bottom of
the table describing the verb_data.
Notice that the output data is smaller than the input data.
- Multiple byte fields are stored in Big-Endian format, as is typical for CEX*C communication.
| Field name | Length in bytes | Description |
|---|---|---|
| state | 1 | State of the key part register:
|
| reserved | 1 | Will have a value of X'00'. |
| key_length | 1 | Length of key in bytes. For DES keys, values are: 8, 16, 24. For AES keys, values are: 16, 24, 32. |
| cv_length | 1 | Length of Control Vector (CV) for key part, in bytes. The value is 8 or 16, indicating how much of the CV field to use. CV is not a variable length field. |
| cv | 16 | Control Vector for the operational key part. |
| reserved_2 | 8 | Has a value of X'00' for the entire length. |
| key_part_hash | 20 | Hash over the key stored in the key part register. For DES keys, the hash algorithm is SHA-1.
For AES keys, the hash algorithm is SHA-256. This is the default behavior. If the keyword CMACZERO has been passed, then this field contains 5 bytes of a CMACZERO key check value over the key stored in the key part register. The remaining bytes are 0x00. If the keyword ENC-ZERO has been passed but the keyword CMACZERO has not been passed, then this field contains only bytes of 0x00. |
| ver_pattern | 4 | Verification pattern over the key calculated using the default algorithm. This is the default
behavior. If the keyword ENC-ZERO has been passed and the key in the key part register is a DES key, then this field contains 3 bytes of an ENC-ZERO key check value over the key stored in the key part register. The remaining bytes are 0x00. If the keyword CMACZERO has been passed but the keyword ENC-ZERO has not been passed, or if the key in the key part register is not a DES key, then this field contains only bytes of 0x00. |
| Total byte count | 52 | |