Required commands
The access control points of CSNDT34R.
This verb requires the following commands to be enabled in the active role:
| Rule array keyword | Offset | Command |
|---|---|---|
| 2PASSRCV | X'01FD' | TR-34 Key Receive - allow 2PASSRCV |
| 1PASSRCV | X'01FE' | TR-34 Key Receive - allow 1PASSRCV |
| PKI-NONE | X'01FF' | Permit X.509 without PKI root validation |
| CRLEXPAL | X'003D' | TR-34 - Allow expired CRL |
When key wrapping method keyword specifies a wrapping method that is not the default method, the TR-34 Key Receive – Allow wrapping override keywords access control must be enabled.
| Rule array keyword | Command | Offset | Specific key type and control vector attributes |
|---|---|---|---|
| "K0" and "K1": TR-31 key encryption or wrapping, or key block protection keys | |||
| N/A | TR-34 Key Receive - permit DES EXPORTER | X'0248' | See Table 2. |
| TR-34 Key Receive - permit DES IMPORTER | X'0249' | ||
| N/A | TR-34 Key Receive - permit AES EXPORTER | X'024A' | See Table 3. |
| TR-34 Key Receive - permit AES IMPORTER | X'024B' | ||
| TR-34 Key Receive - permit AES EXPORTER with EXPTT31D | X'024C' | ||
| TR-34 Key Receive - permit AES IMPORTER with IMPTT31D | X'024D' | ||