CCA asymmetric key usage event

This subtype consists of a number of tag-length-value (TLV) triplets. The following triplets may be contained in the record. The specific set of triplets is dependent on the type of event and the information that is available.

Table 1. Subtype 45 CCA asymmetric key usage event
Tag value		Name	Length	Format	Description
Dec	Hex	Name	Length	Format	Description
257	101	KDS_LABEL	72	EBCDIC	The 64-byte KDS label left-justified and padded on the right with blanks.
259	103	KEY_NAME	64	EBCDIC	The key name from the token.
260	104	OBJ_TYPE	1	binary	Object type. X'02' Public key. X'0B' Public/Private key pair. X'0D' Trusted block. Note: When the object type is trusted block, no other key or token related information is present.
261	105	KEY_FPRINT	1 - 64	binary	One or more key fingerprints. The first byte is the number (n) of fingerprints present for the key. Following that are n type-length-value triplets. Within each of these triplets is a 1-byte fingerprint type, followed by a 1-byte length for the triplet, followed by the fingerprint. Fingerprint types: X'02' SHA-1 hash of the public key. For example, X'010105010203' indicates that there is one fingerprint value (01) which is the ciphertext obtained from using the key to encrypt 8 bytes of binary zeros in ECB mode (01). The fingerprint is 3 bytes in length (05 – 2) and the value is X'010203'.
262	106	SERVICE	8	EBCDIC	The service associated with the event.
265	109	KEY_SEC	1	binary	Key security. X'01' No key present. X'02' Clear key. X'03' Key encrypted under master key. X'04' Key encrypted under key encrypting key.
266	10A	KEY_ALG	1	binary	Key algorithm. X'07' RSA. X'08' DSA. X'09' ECC. Note: When the algorithm is DSA, the only other key or token information present is the object type.
270	10E	KEY_LEN	2	binary	The length of the public key (in bits).
272	110	KEY_USAGE_PKDS	4	binary	Key usage for private keys. Bit Meaning when set 0 Undefined. 1 Key management usage permitted. 2 Signature usage permitted. 3 Key translation permitted. 4 Key agreement usage permitted. 5-31 Reserved.
274	112	KEY_EC_CURVE	1	binary	ECC curve type. X'01' Prime curve. X'02' Brainpool curve.
275	113	START_TOD	16	binary	Start time of the interval in STCKE format.
276	114	END_TOD	16	binary	End time of the interval in STCKE format.
277	115	USG_COUNT	4	binary	Number of usages accounted for in this record.
278	116	KEY_OLD	0	N/A	The key is internal, but not wrapped under the current master key. Applies to token usage only.

The following tags may be present in the end user audit section:

X500_IDN
X500_SDN
IDID_USRI
IDID_USRF
IDID_REG
USRI

See Audit header and audit section for more details.