Previous topic |
Next topic |
Contents |
Index |
Contact z/OS |
Library |
PDF
Key Test Extended (CSNBKYTX and CSNEKTX) z/OS Cryptographic Services ICSF Application Programmer's Guide SA22-7522-16 |
|
Use the key test extended service to generate or verify a secure, cryptographic verification pattern for keys. The key to test can be in the clear or encrypted under the master key. The callable service also supports keys encrypted under a key-encrypting key (KEK). AES keys are not supported by this service. Keywords in the rule array specify whether the callable service generates or verifies a verification pattern. This algorithm is supported for encrypted single and double length keys. Single, double and triple length keys are also supported with the ENC-ZERO algorithm. When the service generates a verification pattern, it creates and cryptographically processes a random number. The service returns the random number with the verification pattern. When the service tests a verification pattern against a key, you must supply the random number and the verification pattern from a previous call to key test extended. The service returns the verification result in the return and reason codes. The callable service name for AMODE(64) invocation is CSNEKTX. |
Copyright IBM Corporation 1990, 2014
|