CCA symmetric key usage event
This subtype consists of a number of tag-length-value (TLV) triplets. The following triplets may be contained in the record. The specific set of triplets is dependent on the type of event and the information that is available.
Tag value | Name | Length | Format | Description | |
---|---|---|---|---|---|
Dec | Hex | ||||
257 | 101 | KDS_LABEL | 72 | EBCDIC | The label in the KDS. |
259 | 103 | KEY_NAME | 64 | EBCDIC | The key name from the token. Applies to variable-length CCA tokens only. |
261 | 105 | KEY_FPRINT | 1 - 64 | binary |
One or more key fingerprints. The first byte is the number (n) of fingerprints present for the key. Following that are n type-length-value triplets. Within each of these triplets is a 1-byte fingerprint type, followed by a 1-byte length for the triplet, followed by the fingerprint. Fingerprint types:
|
262 | 106 | SERVICE | 8 | EBCDIC | The service associated with the event. |
264 | 108 | TOK_FMT | 1 | binary | The format of the token.
Note:
|
265 | 109 | KEY_SEC | 1 | binary | Key security.
|
266 | 10A | KEY_ALG | 1 | binary | Key algorithm.
|
267 | 10B | KEY_TYPE | 2 | binary | Key type. The key type from the token. Applies to variable-length CCA tokens only. See “Variable-length symmetric key token” in z/OS Cryptographic Services ICSF Application Programmer's Guide for the list of key types. |
268 | 10C | KEY_CV | 8 | binary | Key control vector. The first eight bytes of the control vector from the token. Applies to fixed-length DES CCA tokens only. See Appendix C in z/OS Cryptographic Services ICSF Application Programmer's Guide for information on how to interpret the control vector. |
269 | 10D | KEY_USAGE_CKDS | 3 - 33 | binary | Key usage fields. Consists of a 1 byte count followed by one or more 2-byte key usage fields. Applies to variable-length CCA tokens only. See Appendix B in z/OS Cryptographic Services ICSF Application Programmer's Guide for the list of key usage values for variable length tokens. |
270 | 10E | KEY_LEN | 2 | binary | The length of the key (in bits). Applies to fixed-length CCA tokens only. |
275 | 113 | START_TOD | 16 | binary | Start time of the interval in STCKE format. |
276 | 114 | END_TOD | 16 | binary | End time of the interval in STCKE format. |
277 | 115 | USG_COUNT | 4 | binary | Number of usages accounted for in this record. |
278 | 116 | KEY_OLD | 0 | binary | The key is internal, but not wrapped under the current master key. Additionally, if key store policy is enabled for CKDS, the key is wrapped under the old master key. Applies to token usage only. |
- X500_IDN
- X500_SDN
- IDID_USRI
- IDID_USRF
- IDID_REG
- USRI