IBM Computer Hardware 2 User Manual Page 379
- Page / 508
- Table of contents
- BOOKMARKS
Rated. / 5. Based on customer reviews
CCA Release 2.54
Coprocessor but your application will encounter a performance penalty with
each use of the key.
Protection of the private key is provided by encrypting a confounder (a random
number) and the private key information exclusive of the modulus. An encrypted
private key in an external key-token is protected by a double-length transport key
and the EDE2 algorithm. See “CCA RSA Private Key Encryption and Decryption
Process” on page C-12. The private key and the blinding values in an internal
key-token are protected by the triple-length asymmetric master key and encryption
algorithms as specified with each private key data structure.
RSA Key-Token Sections
A PKA key-token is the concatenation of an ordered set of sections. These
key-token-section data structures are described.
Note: A modulus-exponent format is not supported for RSA keys with a modulus
(key size) greater than 1024 bits.
You form a PKA key-token by concatenating these sections:
A token header (see Figure B-8 on page B-9):
– An external header (first-byte X'1E')
– An internal header (first-byte X'1F')
An optional private-key section in one of these formats:
– Section identifier X'02' for a clear or key-encrypting key enciphered,
modulus-exponent format key up to 1024 bits
– Section identifier X'06' for a master-key enciphered, modulus-exponent
format key up to 1024 bits
– Section identifier X'08' for a CRT-format key up to 2048 bits
Section Reference Usage
Header Figure B-8 on page B-9 RSA Token Header
X'04' Figure B-13 on page B-16 RSA Public Key
X'02' Figure B-9 on page B-10 RSA Private Key, 1024-Bit
Modulus-Exponent Format. Generated for
external format for clear keys or for keys
encrypted by a key-encrypting key.
X'05' Figure B-10 on page B-11 RSA Private Key, 2048-Bit
Chinese-Remainder Format. Accepted only
as an input and not generated in Version 2.
X'06' Figure B-11 on page B-13 RSA Private Key, 1024-Bit
Modulus-Exponent Format with OPK. Only
used as a master-key encrypted, internal
format.
X'08' Figure B-12 on page B-14 RSA Private Key, Chinese-Remainder
Format with OPK. Internal and external
format; replaces section type X'05'.
X'10' Figure B-14 on page B-16 RSA Private-Key Name
Figure B-15 on page B-17
through Figure B-21 on
page B-19
RSA Public-Key Certificate(s)
X'FF' Figure B-22 on page B-20 RSA Private-Key Blinding Information
Appendix B. Data Structures B-7
- Release 2.54 1
- IBM iSeries PCICC Feature 1
- Contents 3
- CCA Release 2.54 10
- Trademarks 13
- About This Publication 15
- Release 2.52 16
- Release 2.51 16
- Release 2.41 17
- About This Publication xix 19
- Organization 22
- Related Publications 23
- Cryptography Publications 23
- Overlapped Processing 31
- CCA Access-Control 40
- Understanding Access Control 40
- Role-Based Access Control 40
- Understanding Roles 41
- Understanding Profiles 42
- Logging On and Logging Off 45
- Multi-Coprocessor Capability 48
- Establishing Master Keys 51
- Logon_Control (CSUALCT) 90
- Master_Key_Process (CSNBMKP) 97
- Related Information 100
- Random_Number_Tests (CSUARNT) 102
- Restrictions 102
- Parameters 102
- Required Commands 103
- Chapter 3. RSA Key-Management 105
- Key Generation 106
- Key Import 108
- Using the PKA Keys 109
- Extracting a Public Key 110
- PKA_Key_Generate (CSNDPKG) 111
- PKA_Key_Import (CSNDPKI) 115
- PKA_Key_Token_Build (CSNDPKB) 118
- CCA Release 2.54 122
- Digital Signatures 136
- MDC_Generate (CSNBMDG) 144
- One_Way_Hash (CSNBOWH) 147
- Chapter 5. DES Key-Management 151
- Control Vectors 154
- Key Types 155
- Key-Usage Restrictions 156
- Key Tokens 162
- Key Labels 164
- Key Identifiers 164
- Installing and Verifying Keys 165
- Generating Keys 166
- Diversifying Keys 169
- Storing Keys in Key Storage 170
- Security Precautions 171
- Clear_Key_Import (CSNBCKI) 172
- Data_Key_Export (CSNBDKX) 181
- Data_Key_Import (CSNBDKM) 183
- Key_Export (CSNBKEX) 192
- Key_Generate (CSNBKGN) 194
- Key-Length Specification 199
- Key_Import (CSNBKIM) 201
- CCA Release 2.54 Key_Import 203
- Key_Part_Import (CSNBKPI) 204
- Key_Test (CSNBKYT) 208
- Key_Token_Build (CSNBKTB) 211
- Key_Token_Change (CSNBKTC) 214
- Key_Token_Parse (CSNBKTP) 216
- Key_Translate (CSNBKTR) 219
- PKA_Decrypt (CSNDPKD) 223
- PKA_Encrypt (CSNDPKE) 225
- PKA_Encrypt CCA Release 2.54 226
- Ensuring Data Confidentiality 243
- Ensuring Data Integrity 245
- Decipher (CSNBDEC) 247
- Decipher CCA Release 2.54 248
- Encipher (CSNBENC) 250
- CCA Release 2.54 Encipher 251
- MAC_Generate (CSNBMGN) 253
- MAC_Verify (CSNBMVR) 256
- Chapter 7. Key-Storage Verbs 259
- Key-Label Content 260
- DES_Key_Record_List (CSNBKRL) 265
- PKA_Key_Record_List (CSNDKRL) 273
- PKA_Key_Record_Read (CSNDKRR) 275
- Retained_Key_List (CSNDRKL) 280
- Processing Financial PINs 284
- PIN-Verb Summary 287
- Providing Security for PINs 288
- PIN Security 289
- PIN-Calculation Methods 290
- Data_Array 290
- PIN Profile 292
- PIN-Extraction Methods 294
- Working With EMV Smart Cards 295
- Clear_PIN_Encrypt (CSNBCPE) 297
- Clear_PIN_Generate (CSNBPGN) 300
- CVV_Generate (CSNBCSG) 309
- CVV_Verify (CSNBCSV) 312
- PIN_Change/Unblock (CSNBPCU) 334
- SET_Block_Compose (CSNDSBC) 348
- SET_Block_Decompose (CSNDSBD) 352
- Return Codes 361
- Reason Codes 361
- Return Code 0 362
- Return Code 4 363
- Return Code 8 364
- Return Code 12 370
- Return Code 16 371
- Appendix B. Data Structures 373
- Null Key-Token 374
- DES Key-Tokens 375
- External DES Key-Token 377
- RSA PKA Key-Tokens 378
- RSA Key-Token Sections 379
- PKA Key-Token Integrity 380
- Chaining-Vector Records 392
- Key-Storage Records 393
- Key_Record_List Data Set 397
- Role Structure 401
- Aggregate Role Structure 402
- Access-Control-Point List 402
- Default Role Contents 403
- Profile Structure 404
- Aggregate Profile Structure 405
- Authentication Data Structure 405
- User Profile 408
- Role Data Structure 411
- Aggregate Role Data Structure 412
- Function Control Vector 414
- Encryption 417
- Changing Control Vectors 432
- Mask Array Preparation 436
- Notation Used in Calculations 444
- MDC-1 Calculation 444
- MDC-2 Calculation 445
- MDC-4 Calculation 445
- Ciphering Methods 445
- ANSI X9.23 447
- MAC Calculation Methods 453
- RSA Key-Pair Generation 455
- Access-Control Algorithms 456
- ANSI X9.31 Hash Format 459
- PKCS #1 Formats 459
- PIN-Calculation Methods 462
- PIN-Block Formats 469
- 3624 PIN-Block Format 469
- ISO-0 PIN-Block Format 470
- ISO-1 PIN-Block Format 471
- ISO-2 PIN-Block Format 472
- UKPT Calculation Methods 473
- CVV and CVC Method 476
- PIN-Block Self-encryption 479
- Appendix F. Verb List 481
- List of Abbreviations 491
- Glossary 493
- Numerics 499
- PDF File 508
Related products and manuals for Software IBM Computer Hardware 2
Software IBM SG24-5131-00 User Manual
(240 pages)
(240 pages)
Software IBM AS/400 User Manual
(489 pages)
(489 pages)
Software IBM CISCO R2E2 User Manual
(110 pages)
(110 pages)
Software IBM NETCOOL 4.3-W User Manual
(516 pages)
(516 pages)
Software IBM Server OS/390 User Manual
(76 pages)
(76 pages)
Software IBM Switch 15 User Manual
(270 pages)
(270 pages)
Software IBM SC34-7012-01 User Manual
(268 pages)
(268 pages)
Software IBM SC41-5420-04 User Manual
(116 pages)
(116 pages)
Software IBM Transaction Server OS User Manual
(103 pages)
(103 pages)
Software IBM SC34-5764-01 User Manual
(481 pages)
(481 pages)
Software IBM TIVOLI SC32-0129-00 User Manual
(82 pages)
(82 pages)
Software IBM G325-2585-02 User Manual
(90 pages)
(90 pages)
Software IBM SG24-6526-00 User Manual
(184 pages)
(184 pages)
Software IBM SC33-1686-02 User Manual
(317 pages)
(317 pages)
Software IBM 5697-VM3 User Manual
(6 pages)
(6 pages)
Software IBM DS6000 User Manual
(406 pages)
(406 pages)
Software IBM CDI5UG1107 User Manual
(178 pages)
(178 pages)
Software IBM GC28-1982-02 User Manual
(216 pages)
(216 pages)
Software IBM 12.1(22)EA6 User Manual
(550 pages)
(550 pages)
© 2020, manymanuals.com. All rights reserved. | 2.590 s |
Manymanuals.com
Manymanuals.de
Manymanuals.fr
Manymanuals.it
Manymanuals.pl
Manymanuals.cz
Manymanuals.es
Manymanuals-pt.com
Comments to this Manuals