CCA asymmetric key usage event
This subtype consists of a number of tag-length-value (TLV) triplets. The following triplets may be contained in the record. The specific set of triplets is dependent on the type of event and the information that is available.
Tag value | Name | Length | Format | Description | |
---|---|---|---|---|---|
Dec | Hex | ||||
257 | 101 | KDS_LABEL | 72 | EBCDIC | The 64-byte KDS label left-justified and padded on the right with blanks. |
259 | 103 | KEY_NAME | 64 | EBCDIC | The key name from the token. |
260 | 104 | OBJ_TYPE | 1 | binary | Object type.
Note: When the object type is trusted block, no other key or token related information is
present.
|
261 | 105 | KEY_FPRINT | 1 - 64 | binary |
One or more key fingerprints. The first byte is the number (n) of fingerprints present for the key. Following that are n type-length-value triplets. Within each of these triplets is a 1-byte fingerprint type, followed by a 1-byte length for the triplet, followed by the fingerprint. Fingerprint types:
|
262 | 106 | SERVICE | 8 | EBCDIC | The service associated with the event. |
265 | 109 | KEY_SEC | 1 | binary | Key security.
|
266 | 10A | KEY_ALG | 1 | binary | Key algorithm.
Note: When the algorithm is DSA, the only other key or token information present is the object
type.
|
270 | 10E | KEY_LEN | 2 | binary | The length of the public key (in bits). |
272 | 110 | KEY_USAGE_PKDS | 4 | binary | Key usage for private keys.
|
274 | 112 | KEY_EC_CURVE | 1 | binary | ECC curve type.
|
275 | 113 | START_TOD | 16 | binary | Start time of the interval in STCKE format. |
276 | 114 | END_TOD | 16 | binary | End time of the interval in STCKE format. |
277 | 115 | USG_COUNT | 4 | binary | Number of usages accounted for in this record. |
278 | 116 | KEY_OLD | 0 | N/A | The key is internal, but not wrapped under the current master key. Applies to token usage only. |
The following tags may be present in the end user audit section:
- X500_IDN
- X500_SDN
- IDID_USRI
- IDID_USRF
- IDID_REG
- USRI