Selecting the key-half processing mode
Use the Control Vector Translate verb to change a control vector associated with a key.

- Keyword
- Description
- SINGLE
- This keyword causes the control vector of the left half of the source key to be changed. The
updated key half is placed into the left half of the target key in the target key token. The right
half of the target key is unchanged.
The SINGLE keyword is useful when processing a single-length key or when first processing the left half of a double-length key (to be followed by processing the right half).
- RIGHT
- This keyword causes the control vector of the right half of the source key to be changed. The updated key half is placed into the right half of the target key of the target key token. The left half of the source key is copied unchanged into the left half of the target key in the target key token.
- BOTH
- This keyword causes the control vector of both halves of the source key to be changed. The
updated key is placed into the target key in the target key token.
A single set of control information must permit the control vector changes applied to each key half. Normally, control vector bit positions 41, 42, 105, and 106 are different for each key half. Therefore, set bits 41 and 42 to B'00' in mask array elements B1, B2, and B3.
You can verify that the source and target key tokens have control vectors with matching bits in bit positions 40-42 and 104-106, the
form field
bits. Ensure bits 40-42 of mask array B4 are set to B'111'. - LEFT
- This keyword enables you to supply a single-length key and obtain a double-length key. The
source key token must contain:
- The KEK-enciphered single-length key
- The control vector for the single-length key (often this is a null value)
- A control vector, stored in the source token where the right-half control vector is normally stored, used in decrypting the single-length source key when the key is being processed for the target right half of the key.
The verb first processes the source and target tokens as with the SINGLE keyword. Then the source token is processed using the single-length enciphered key and the source token right-half control vector to obtain the actual key value. The key value is then enciphered using the KEK and the control vector in the target token for the right-half of the key.
This approach is frequently of use when you must obtain a double-length CCA key from a system that supports only a single-length key, for example when processing PIN keys or key-encrypting keys received from non-CCA systems.
To prevent the verb from ensuring each key byte has odd parity, you can specify the NOADJUST keyword. If you do not specify the NOADJUST keyword, or if you specify the ADJUST keyword, the verb ensures each byte of the target key has odd parity.