Previous topic |
Next topic |
Contents |
Index |
Contact z/OS |
Library |
PDF
PKA Key Token Build (CSNDPKB and CSNFPKB) z/OS Cryptographic Services ICSF Application Programmer's Guide SA22-7522-16 |
|
Use this callable service to build external PKA key tokens containing unenciphered private RSA, DSS, or ECC keys, or public RSA, DSS, or ECC keys. This callable service is used to create the following:
DSS key generation requires this information in the input skeleton token:
Note:
DSS standards define restrictions on the prime modulus
p, prime divisor q, and public generator g. (Refer to the Federal
Information Processing Standard (FIPS) Publication 186 for DSS standards.)
This callable service does not verify all of these restrictions. If
you do not follow the restrictions, the keys you generate may not
be valid DSS keys.
Restriction: DSS is not supported on a PCIXCC, CEX2C, or CEX3C. PKA key token build will still build DSS tokens, but they cannot be used in any other service on the z890, z990, z9 EC, z9 BC, z10 EC and z10 BC. ECC key generation requires this information in the skeleton token:
The callable service name for AMODE(64) invocation is CSNFPKB. |
Copyright IBM Corporation 1990, 2014
|