z/OS Cryptographic Services ICSF Application Programmer's Guide
Previous topic | Next topic | Contents | Index | Contact z/OS | Library | PDF


Parameters

z/OS Cryptographic Services ICSF Application Programmer's Guide
SA22-7522-16

return_code
Direction: OutputType: Integer

The return code specifies the general result of the callable service. Appendix A. ICSF and TSS Return and Reason Codes lists the return codes.

reason_code
Direction: OutputType: Integer

The reason code specifies the result of the callable service that is returned to the application program. Each return code has different reason codes that are assigned to it that indicate specific processing problems. Appendix A. ICSF and TSS Return and Reason Codes lists the reason codes.

exit_data_length
Direction: Input/OutputType: Integer

The length of the data that is passed to the installation exit. The length can be from X'00000000' to X'7FFFFFFF' (2 gigabytes). The data is identified in the exit_data parameter.

exit_data
Direction: Input/OutputType: String

The data that is passed to the installation exit.

rule_array_count
Direction: InputType: Integer

The number of keywords you supplied in the rule_array parameter. This value must be 1.

rule_array
Direction: InputType: String

The keyword that provides control information to the callable service. The keyword is left-justified in an 8-byte field and padded on the right with blanks.

Table 74. Keywords for PKA Decrypt
KeywordMeaning
Recovery Method (required) specifies the method to use to recover the key value.
PKCS-1.2RSA DSI PKCS #1 block type 02 will be used to recover the key value.
ZERO-PADThe input PKA_enciphered_keyvalue is decrypted using the RSA private key. The entire result (including leading zeros) will be returned in the target_keyvalue field. The PKA_key_identifier must be an external RSA token or the labelname of a external token. This keyword requires requires May 2004 or later version of Licensed Internal Code (LIC) or a z890.

This support on the PCICA does not require LIC code updates.

PKA_enciphered_keyvalue_length
Direction: InputType: integer

The length of the PKA_enciphered_keyvalue parameter in bytes. The maximum size that you can specify is 512 bytes. The length should be the same as the modulus length of the PKA_key_identifier.

PKA_enciphered_keyvalue
Direction: InputType: String

This field contains the key value protected under an RSA public key. This byte-length string is left-justified within the PKA_enciphered_keyvalue parameter.

data_structure_length
Direction: InputType: Integer

The value must be 0.

data_structure
Direction: InputType: String

This field is currently ignored.

PKA_key_identifier_length
Direction: InputType: Integer

The length of the PKA_key_identifier parameter. When the PKA_key_identifier is a key label, this field specifies the length of the label. The maximum size that you can specify is 3500 bytes.

PKA_key_identifier
Direction: InputType: String

An external token with clear key values in ME format may also be used.

target_keyvalue_length
Direction: Input/OutputType: Integer

The length of the target_keyvalue parameter. The maximum size that you can specify is 512 bytes. On return, this field is updated with the actual length of target_keyvalue.

If ZERO-PAD is specified, this length will be the same as the PKA_enciphered_keyvalue_length which is equal to the RSA modulus byte length.

target_keyvalue
Direction: OutputType: String

This field will contain the decrypted, deformatted key value. If ZERO-PAD is specified, the decrypted key value, including leading zeros, will be returned.

Go to the previous page Go to the next page

Notices | Terms of use | Support | Contact z/OS | zFavorites



Copyright IBM Corporation 1990, 2014