Parameters

The parameter definitions for CSNBKSI.

For the definitions of the return_code, reason_code, exit_data_length, and exit_data parameters, see Parameters common to all verbs.

rule_array_count
Direction: Input
Type: Integer
A pointer to an integer variable containing the number of elements in the rule_array variable. This value must be 2.
rule_array
Direction: Input
Type: String array
The rule_array parameter is a pointer to a string variable containing an array of keywords. The keywords are eight bytes in length and must be left-aligned and padded on the right with space characters. The rule_array keywords are described in Table 1.
Table 1. Keywords for Key Storage Initialization control information

Keywords for Key Storage Initialization control information

Keyword Description
Master-key source (Required)
CURRENT Specifies the current symmetric master-key of the default cryptographic facility is to be used for the initialization.
Key-storage selection (One required)
AES Initialize AES key storage (fixed-length and variable-length AES key tokens and HMAC key tokens).
DES Initialize DES key storage.
PKA Initialize PKA key storage (RSA, ECC, and QSA key tokens).
CMB Initialize the combined key storage (DES, fixed-length AES, variable-length AES, HMAC, RSA, ECC, and QSA key tokens).
key_storage_file_name_length
Direction: Input
Type: Integer
The key_storage_file_name_length parameter is a pointer to an integer variable containing the number of bytes of data in the key_storage_file_name variable. The length must be within the range of 1 - 64.
key_storage_file_name
Direction: Input
Type: String
The key_storage_file_name parameter is a pointer to a string variable containing the fully qualified file name of the key-storage file to be initialized. If the file does not exist, it is created. If the file does exist, it is overwritten and all existing keys are lost.
key_storage_description_length
Direction: Input
Type: Integer
The key_storage_description_length parameter is a pointer to an integer variable containing the number of bytes of data in the key_storage_description variable.
key_storage_description
Direction: Input
Type: String
The key_storage_description parameter is a pointer to a string variable containing the description string stored in the key-storage file when it is initialized.
clear_master_key
Direction: Input
Type: String

The clear_master_key parameter is unused, but it must be declared and requires the following:

  • 24 data bytes in application storage for DES and PKA,
  • 32 data bytes for AES,
  • and 0 bytes for Combined (CMB).