Number representation in PKA key tokens

View tables that present information about number representations in the available formats of PKA key tokens.

  • All length fields are in binary.
  • All binary fields (exponents, lengths, and so forth) are stored with the high-order byte first. Thus the least significant bits are to the right and preceded with zero-bits to the width of a field.
  • In variable-length binary fields that have an associated field-length value, leading bytes that would otherwise contain X'00' can be dropped and the field shortened to contain only the significant bits.
Table 1. PKA key token header
Offset (bytes) Length (bytes) Description
000 001 Token identifier (a flag that indicates token type)
X'00'
PKA null key-token
X'1E'
PKA external key-token; the optional private-key is either in cleartext or enciphered by a transport key-encrypting key
X'1F'
PKA internal key-token; the private key is enciphered by a master key
001 001 Token version number (X'00').
002 002 Length in bytes of the token structure (big endian).
004 004 Reserved, binary zero.