781 lines
22 KiB
HTML
781 lines
22 KiB
HTML
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
|
|
<html>
|
|
<head>
|
|
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
|
|
<meta name="Copyright" content="Copyright (c) 2006 by IBM Corporation">
|
|
<!-- Begin Header Records -->
|
|
<!-- All rights reserved. Licensed Materials Property of IBM -->
|
|
<!-- US Government Users Restricted Rights -->
|
|
<!-- Use, duplication or disclosure restricted by -->
|
|
<!-- GSA ADP Schedule Contract with IBM Corp. -->
|
|
<!-- Created for V5R3 by beth hagemeister 5/29/02 -->
|
|
<!-- Change history: -->
|
|
<!-- 030211 JETAYLOR html cleanup -->
|
|
<!-- 031020 BILLINGS Review 3 updates -->
|
|
<!-- 040809 BILLINGS V5R4 changes -->
|
|
<!-- end header records -->
|
|
<title>Create Algorithm Context (QC3CRTAX, Qc3CreateAlgorithmContext)</title>
|
|
<link rel="stylesheet" type="text/css" href="../rzahg/ic.css">
|
|
</head>
|
|
<body>
|
|
<a name="Top_Of_Page"></a>
|
|
<!--Java sync-link-->
|
|
<script type="text/javascript" language="Javascript" src="../rzahg/synch.js">
|
|
</script>
|
|
<h2>Create Algorithm Context (QC3CRTAX, Qc3CreateAlgorithmContext)</h2>
|
|
|
|
<div class="box" style="width: 80%;">
|
|
<br>
|
|
Required Parameter Group:<br>
|
|
<!-- iddvc RMBR -->
|
|
<br>
|
|
<table width="100%">
|
|
<tr>
|
|
<td align="center" valign="top" width="10%">1</td>
|
|
<td align="left" valign="top" width="60%">Algorithm description</td>
|
|
<td align="left" valign="top" width="15%">Input</td>
|
|
<td align="left" valign="top" width="15%">Char(*)</td>
|
|
</tr>
|
|
|
|
<tr>
|
|
<td align="center" valign="top" width="10%">2</td>
|
|
<td align="left" valign="top" width="60%">Algorithm description format
|
|
name</td>
|
|
<td align="left" valign="top" width="15%">Input</td>
|
|
<td align="left" valign="top" width="15%">Char(8)</td>
|
|
</tr>
|
|
|
|
<tr>
|
|
<td align="center" valign="top" width="10%">3</td>
|
|
<td align="left" valign="top" width="60%">Algorithm context token</td>
|
|
<td align="left" valign="top" width="15%">Output</td>
|
|
<td align="left" valign="top" width="15%">Char(8)</td>
|
|
</tr>
|
|
|
|
<tr>
|
|
<td align="center" valign="top" width="10%">4</td>
|
|
<td align="left" valign="top" width="60%">Error code</td>
|
|
<td align="left" valign="top" width="15%">I/O</td>
|
|
<td align="left" valign="top" width="15%">Char(*)</td>
|
|
</tr>
|
|
</table>
|
|
|
|
<br>
|
|
Service Program Name: QC3CTX<br>
|
|
<!-- iddvc RMBR -->
|
|
<br>
|
|
Default Public Authority: *USE<br>
|
|
<!-- iddvc RMBR -->
|
|
<br>
|
|
Threadsafe: Yes<br>
|
|
<!-- iddvc RMBR -->
|
|
<br>
|
|
</div>
|
|
|
|
<p>The Create Algorithm Context (OPM, QC3CRTAX; ILE,
|
|
Qc3CreateAlgorithmContext) API creates a temporary area for holding
|
|
the algorithm parameters and the state of the cryptographic operation. The API
|
|
returns a token which can be used on subsequent cryptographic APIs. The
|
|
algorithm context token can be used to extend a cryptographic operation over
|
|
multiple calls. The algorithm context can not be shared between jobs. It should
|
|
be destroyed using the <a href="qc3desax.htm">Destroy Algorithm Context (OPM,
|
|
QC3DESAX; ILE, Qc3DestroyAlgorithmContext) API</a>. If not explicitly
|
|
destroyed, the algorithm context will be destroyed at job end.</p>
|
|
|
|
<br>
|
|
|
|
|
|
<h3>Authorities and Locks</h3>
|
|
<dl>
|
|
<dt><strong>None</strong></dt>
|
|
</dl>
|
|
<br>
|
|
|
|
<h3>Required Parameter Group</h3>
|
|
|
|
<dl>
|
|
<dt><strong>Algorithm description</strong></dt>
|
|
|
|
<dd>INPUT; CHAR(*)
|
|
|
|
<p>The algorithm and associated parameters.<br>
|
|
The format of the algorithm description is specified in the algorithm
|
|
description format name parameter.</p>
|
|
</dd>
|
|
|
|
<dt><strong>Algorithm description format name</strong></dt>
|
|
<dd>INPUT; CHAR(8)
|
|
|
|
<p>The format of the algorithm description.<br>
|
|
The possible format names follow.</p>
|
|
|
|
<dl>
|
|
<dt><strong><a href="#algd0200">ALGD0200</a></strong></dt>
|
|
|
|
<dd>Block cipher algorithm (DES, Triple DES, AES, and
|
|
RC2).<br>
|
|
<br>
|
|
</dd>
|
|
|
|
<dt><strong><a href="#algd0300">ALGD0300</a></strong></dt>
|
|
|
|
<dd>Stream cipher algorithm (RC4-compatible).<br>
|
|
<br>
|
|
</dd>
|
|
|
|
<dt><strong><a href="#algd0400">ALGD0400</a></strong></dt>
|
|
|
|
<dd>Public key algorithm (RSA).<br>
|
|
<br>
|
|
</dd>
|
|
|
|
<dt><strong><a href="#algd0500">ALGD0500</a></strong></dt>
|
|
|
|
<dd>Hash algorithm (MD5, SHA-1, SHA-256, SHA-384, SHA-512).<br>
|
|
<br>
|
|
</dd>
|
|
|
|
</dl>
|
|
|
|
<p>See <a href="#algs">Algorithm Description Formats</a> for a description of
|
|
these formats.</p>
|
|
</dd>
|
|
|
|
|
|
<dt><strong>Algorithm context token</strong></dt>
|
|
<dd>OUTPUT; CHAR(8)
|
|
|
|
<p>The area to store the token for the created algorithm context.<br>
|
|
Each token will contain an authentication value. If the token is used
|
|
on a subsequent API but with an incorrect authentication value, the user
|
|
will be subjected to a 10 second penalty wait. For each authentication error
|
|
in that job, the penalty wait will increase 10 seconds up to a maximum of 10 minutes.</p>
|
|
</dd>
|
|
|
|
|
|
<dt><strong>Error code</strong></dt>
|
|
<dd>I/O; CHAR(*)
|
|
|
|
<p>The structure in which to return error information.<br>
|
|
For the format of the structure, see <a href="../apiref/error.htm#hdrerrcod">Error Code
|
|
Parameter</a>.</p>
|
|
</dd>
|
|
</dl>
|
|
|
|
<h3><a name="algs">Algorithm Description Formats</a></h3>
|
|
|
|
For detailed descriptions of the fields in the tables, see <a href="#algfield">
|
|
Algorithm Description Formats Field Descriptions</a>.
|
|
|
|
<h4><a name="algd0200">ALGD0200 format</a></h4>
|
|
|
|
<table border width="70%">
|
|
<tr>
|
|
<th align="center" valign="bottom" colspan="2">Offset</th>
|
|
<th align="left" valign="bottom" rowspan="2">Type</th>
|
|
<th align="left" valign="bottom" rowspan="2">Field</th>
|
|
</tr>
|
|
|
|
<tr>
|
|
<th align="center" valign="bottom">Dec</th>
|
|
<th align="center" valign="bottom">Hex</th>
|
|
</tr>
|
|
|
|
<tr>
|
|
<td align="center" valign="top" width="10%">0</td>
|
|
<td align="center" valign="top" width="10%">0</td>
|
|
<td align="left" valign="top" width="20%">BINARY(4)</td>
|
|
<td align="left" valign="top" width="60%">Block cipher algorithm</td>
|
|
</tr>
|
|
|
|
<tr>
|
|
<td align="center" valign="top">4</td>
|
|
<td align="center" valign="top">4</td>
|
|
<td align="left" valign="top">BINARY(4)</td>
|
|
<td align="left" valign="top">Block length</td>
|
|
</tr>
|
|
|
|
<tr>
|
|
<td align="center" valign="top">8</td>
|
|
<td align="center" valign="top">8</td>
|
|
<td align="left" valign="top">CHAR(1)</td>
|
|
<td align="left" valign="top">Mode</td>
|
|
</tr>
|
|
|
|
<tr>
|
|
<td align="center" valign="top">9</td>
|
|
<td align="center" valign="top">9</td>
|
|
<td align="left" valign="top">CHAR(1)</td>
|
|
<td align="left" valign="top">Pad option</td>
|
|
</tr>
|
|
|
|
<tr>
|
|
<td align="center" valign="top">10</td>
|
|
<td align="center" valign="top">A</td>
|
|
<td align="left" valign="top">CHAR(1)</td>
|
|
<td align="left" valign="top">Pad character</td>
|
|
</tr>
|
|
|
|
<tr>
|
|
<td align="center" valign="top">11</td>
|
|
<td align="center" valign="top">B</td>
|
|
<td align="left" valign="top">CHAR(1)</td>
|
|
<td align="left" valign="top">Reserved</td>
|
|
</tr>
|
|
|
|
<tr>
|
|
<td align="center" valign="top">12</td>
|
|
<td align="center" valign="top">C</td>
|
|
<td align="left" valign="top">BINARY(4)</td>
|
|
<td align="left" valign="top">MAC length</td>
|
|
</tr>
|
|
|
|
<tr>
|
|
<td align="center" valign="top">16</td>
|
|
<td align="center" valign="top">10</td>
|
|
<td align="left" valign="top">BINARY(4)</td>
|
|
<td align="left" valign="top">Effective key size</td>
|
|
</tr>
|
|
|
|
<tr>
|
|
<td align="center" valign="top">20</td>
|
|
<td align="center" valign="top">14</td>
|
|
<td align="left" valign="top">CHAR(32)</td>
|
|
<td align="left" valign="top">Initialization vector</td>
|
|
</tr>
|
|
</table>
|
|
|
|
<h4><a name="algd0300">ALGD0300 format</a></h4>
|
|
|
|
<table border width="70%">
|
|
<tr>
|
|
<th align="center" valign="bottom" colspan="2">Offset</th>
|
|
<th align="left" valign="bottom" rowspan="2">Type</th>
|
|
<th align="left" valign="bottom" rowspan="2">Field</th>
|
|
</tr>
|
|
|
|
<tr>
|
|
<th align="center" valign="bottom">Dec</th>
|
|
<th align="center" valign="bottom">Hex</th>
|
|
</tr>
|
|
|
|
<tr>
|
|
<td align="center" valign="top" width="10%">0</td>
|
|
<td align="center" valign="top" width="10%">0</td>
|
|
<td align="left" valign="top" width="20%">BINARY(4)</td>
|
|
<td align="left" valign="top" width="60%">Stream cipher algorithm</td>
|
|
</tr>
|
|
</table>
|
|
|
|
<h4><a name="algd0400">ALGD0400 format</a></h4>
|
|
|
|
<table border width="70%">
|
|
<tr>
|
|
<th align="center" valign="bottom" colspan="2">Offset</th>
|
|
<th align="left" valign="bottom" rowspan="2">Type</th>
|
|
<th align="left" valign="bottom" rowspan="2">Field</th>
|
|
</tr>
|
|
|
|
<tr>
|
|
<th align="center" valign="bottom">Dec</th>
|
|
<th align="center" valign="bottom">Hex</th>
|
|
</tr>
|
|
|
|
<tr>
|
|
<td align="center" valign="top" width="10%">0</td>
|
|
<td align="center" valign="top" width="10%">0</td>
|
|
<td align="left" valign="top" width="20%">BINARY(4)</td>
|
|
<td align="left" valign="top" width="60%">Public key algorithm</td>
|
|
</tr>
|
|
|
|
<tr>
|
|
<td align="center" valign="top">4</td>
|
|
<td align="center" valign="top">4</td>
|
|
<td align="left" valign="top">CHAR(1)</td>
|
|
<td align="left" valign="top">PKA block format</td>
|
|
</tr>
|
|
|
|
<tr>
|
|
<td align="center" valign="top">5</td>
|
|
<td align="center" valign="top">5</td>
|
|
<td align="left" valign="top">CHAR(3)</td>
|
|
<td align="left" valign="top">Reserved</td>
|
|
</tr>
|
|
|
|
<tr>
|
|
<td align="center" valign="top">8</td>
|
|
<td align="center" valign="top">8</td>
|
|
<td align="left" valign="top">BINARY(4)</td>
|
|
<td align="left" valign="top">Signing hash algorithm</td>
|
|
</tr>
|
|
</table>
|
|
|
|
<h4><a name="algd0500">ALGD0500 format</a></h4>
|
|
|
|
<table border width="70%">
|
|
<tr>
|
|
<th align="center" valign="bottom" colspan="2">Offset</th>
|
|
<th align="left" valign="bottom" rowspan="2">Type</th>
|
|
<th align="left" valign="bottom" rowspan="2">Field</th>
|
|
</tr>
|
|
|
|
<tr>
|
|
<th align="center" valign="bottom">Dec</th>
|
|
<th align="center" valign="bottom">Hex</th>
|
|
</tr>
|
|
|
|
<tr>
|
|
<td align="center" valign="top" width="10%">0</td>
|
|
<td align="center" valign="top" width="10%">0</td>
|
|
<td align="left" valign="top" width="20%">BINARY(4)</td>
|
|
<td align="left" valign="top" width="60%">Hash algorithm</td>
|
|
</tr>
|
|
</table>
|
|
|
|
<h4><a name="algfield"><strong>Algorithm Description Formats Field
|
|
Descriptions</strong></a></h4>
|
|
|
|
<dl>
|
|
<dt><strong>Block cipher algorithm</strong></dt>
|
|
|
|
<dd>Following are the valid block cipher algorithms:
|
|
|
|
<table width="95%">
|
|
<tr>
|
|
<td align="left" valign="top" width="5%"><strong>20</strong></td>
|
|
<td align="left" valign="top" width="95%">DES<br>
|
|
Documented in FIPS 46-3. DES is no longer considered secure enough for today's fast computers. It should be used for compatibility purposes only.</td>
|
|
</tr>
|
|
|
|
<tr>
|
|
<td align="left" valign="top" width="5%"><strong>21</strong></td>
|
|
<td align="left" valign="top" width="95%">Triple DES<br>
|
|
Documented in FIPS 46-3.</td>
|
|
</tr>
|
|
|
|
<tr>
|
|
<td align="left" valign="top" width="5%"><strong>22</strong></td>
|
|
<td align="left" valign="top" width="95%">AES<br>
|
|
Documented in FIPS 197.</td>
|
|
</tr>
|
|
|
|
<tr>
|
|
<td align="left" valign="top" width="5%"><strong>23</strong></td>
|
|
<td align="left" valign="top" width="95%">RC2<br>
|
|
Documented in RFC 2268.</td>
|
|
</tr>
|
|
</table>
|
|
<br>
|
|
</dd>
|
|
|
|
<dt><strong>Block length</strong></dt>
|
|
|
|
<dd>The algorithm block length. For DES, Triple DES, and RC2, this field must
|
|
specify 8. The valid block length values for AES are 16, 24, and 32.
|
|
<br><br>
|
|
</dd>
|
|
|
|
|
|
<dt><strong>Effective key size</strong></dt>
|
|
|
|
<dd>For RC2, the number of key bits to use in the cipher operation. Valid
|
|
values are from 1 to 1024. If RC2 is not specifed for the block cipher
|
|
algorithm, this field must be set to 0.
|
|
<br><br>
|
|
</dd>
|
|
|
|
<dt><strong>Hash algorithm</strong></dt>
|
|
|
|
<dd>Following are the valid hash algorithms:
|
|
|
|
<table width="95%">
|
|
<tr>
|
|
<td align="left" valign="top" width="5%"><strong>1</strong></td>
|
|
<td align="left" valign="top" width="95%">MD5<br>
|
|
Documented in RFC 1321.</td>
|
|
</tr>
|
|
|
|
<tr>
|
|
<td align="left" valign="top" width="5%"><strong>2</strong></td>
|
|
<td align="left" valign="top" width="95%">SHA-1<br>
|
|
Documented in FIPS 180-2.</td>
|
|
</tr>
|
|
|
|
<tr>
|
|
<td align="left" valign="top" width="5%"><strong>3</strong></td>
|
|
<td align="left" valign="top" width="95%">SHA-256<br>
|
|
Documented in FIPS 180-2.</td>
|
|
</tr>
|
|
|
|
<tr>
|
|
<td align="left" valign="top" width="5%"><strong>4</strong></td>
|
|
<td align="left" valign="top" width="95%">SHA-384<br>
|
|
Documented in FIPS 180-2.</td>
|
|
</tr>
|
|
|
|
<tr>
|
|
<td align="left" valign="top" width="5%"><strong>5</strong></td>
|
|
<td align="left" valign="top" width="95%">SHA-512<br>
|
|
Documented in FIPS 180-2.</td>
|
|
</tr>
|
|
</table>
|
|
<br>
|
|
</dd>
|
|
|
|
<dt><strong>Initialization vector</strong></dt>
|
|
|
|
<dd>The initialization vector (IV). Refer to the mode standards for an explanation of its
|
|
use. For DES, Triple DES, and RC2, the first 8 bytes are used as the IV. For
|
|
AES, the length of IV used is that specified by block length. The IV need not
|
|
be secret, but it should be unique for each message. If not unique, it may
|
|
compromise security. The IV can be any value. To obtain a good random IV value,
|
|
use the <a href="qc3genprns.htm">Generate Pseudorandom Numbers (OPM, QC3GENPRN;
|
|
ILE, Qc3GenPRNs) API</a>. An IV is not used for mode ECB, and must be
|
|
set to NULL (hex 0's).
|
|
<br><br>
|
|
</dd>
|
|
|
|
<dt><strong>MAC length</strong></dt>
|
|
|
|
<dd>The message authentication code length. This field is used only by the <a
|
|
href="qc3calma.htm">Calculate MAC (OPM, QC3CALMA; ILE, Qc3CalMAC) API</a>. MAC
|
|
length can not exceed the block length value. When calculating a MAC, the
|
|
leftmost MAC length bytes from the last block of encrypted data are returned as
|
|
the MAC.
|
|
<br><br>
|
|
</dd>
|
|
|
|
<dt><strong>Mode</strong></dt>
|
|
|
|
<dd>The mode of operation. Information on modes can be found in FIPS PUB 81 and
|
|
ANSI X9.52. Following are the valid modes:
|
|
|
|
<table width="95%">
|
|
<tr>
|
|
<td align="left" valign="top" width="5%"><strong>0</strong></td>
|
|
<td align="left" valign="top" width="95%">ECB</td>
|
|
</tr>
|
|
|
|
<tr>
|
|
<td align="left" valign="top" width="5%"><strong>1</strong></td>
|
|
<td align="left" valign="top" width="95%">CBC</td>
|
|
</tr>
|
|
|
|
<tr>
|
|
<td align="left" valign="top" width="5%"><strong>2</strong></td>
|
|
<td align="left" valign="top" width="95%">OFB. Not valid with AES or RC2.</td>
|
|
</tr>
|
|
|
|
<tr>
|
|
<td align="left" valign="top" width="5%"><strong>3</strong></td>
|
|
<td align="left" valign="top" width="95%">CFB 1-bit. Not valid with AES or
|
|
RC2.</td>
|
|
</tr>
|
|
|
|
<tr>
|
|
<td align="left" valign="top" width="5%"><strong>4</strong></td>
|
|
<td align="left" valign="top" width="95%">CFB 8-bit. Not valid with AES or
|
|
RC2.</td>
|
|
</tr>
|
|
|
|
<tr>
|
|
<td align="left" valign="top" width="5%"><strong>5</strong></td>
|
|
<td align="left" valign="top" width="95%">CFB 64-bit. Not valid with AES or
|
|
RC2.</td>
|
|
</tr>
|
|
</table>
|
|
<br>
|
|
</dd>
|
|
|
|
<dt><strong>Pad character</strong></dt>
|
|
|
|
<dd>The pad character for pad option 1. Using hex 00 as the pad character is
|
|
equivalent to ANSI X9.23 padding.
|
|
<br><br>
|
|
</dd>
|
|
|
|
<dt><strong>Pad option</strong></dt>
|
|
|
|
<dd>Padding, if requested, is performed at the end of the operation. Be sure
|
|
the area provided for the encrypted data is large enough to include the pad characters.
|
|
The data will be padded up to the next block length byte multiple. For example,
|
|
when using DES and and total data to encrypt is 20, the text is padded to 24.
|
|
The last byte is filled with a 1-byte binary counter containing the number of
|
|
pad characters used. The preceeding pad characters are filled as specified by
|
|
this field. Padding is not performed for modes CFB 1-bit and CFB 8-bit. In
|
|
these cases, the pad option must be set to 0. Following are the valid pad
|
|
options.
|
|
|
|
|
|
<table width="95%">
|
|
<tr>
|
|
<td align="left" valign="top" width="5%"><strong>0</strong></td>
|
|
<td align="left" valign="top" width="95%">No padding is performed.</td>
|
|
</tr>
|
|
|
|
<tr>
|
|
<td align="left" valign="top" width="5%"><strong>1</strong></td>
|
|
<td align="left" valign="top" width="95%">Use the character specified in the
|
|
pad character field for padding.</td>
|
|
</tr>
|
|
|
|
<tr>
|
|
<td align="left" valign="top" width="5%"><strong>2</strong></td>
|
|
<td align="left" valign="top" width="95%">The pad counter is used as the pad
|
|
character. This is equivalent to PKCS #5 padding.</td>
|
|
</tr>
|
|
</table>
|
|
<br>
|
|
</dd>
|
|
|
|
|
|
<dt><strong>PKA block format</strong></dt>
|
|
|
|
<dd>The public key algorithm block format. Following are the valid values:
|
|
|
|
<table width="95%">
|
|
<tr>
|
|
<td align="left" valign="top" width="5%"><strong>0</strong></td>
|
|
<td align="left" valign="top" width="95%">PKCS #1 block type 00</td>
|
|
</tr>
|
|
|
|
<tr>
|
|
<td align="left" valign="top" width="5%"><strong>1</strong></td>
|
|
<td align="left" valign="top" width="95%">PKCS #1 block type 01</td>
|
|
</tr>
|
|
|
|
<tr>
|
|
<td align="left" valign="top" width="5%"><strong>2</strong></td>
|
|
<td align="left" valign="top" width="95%">PKCS #1 block type 02<br>
|
|
This format is allowed on encryption and decryption operations only.</td>
|
|
</tr>
|
|
|
|
<tr>
|
|
<td align="left" valign="top" width="5%"><strong>3</strong></td>
|
|
<td align="left" valign="top" width="95%">ISO 9796-1<br>
|
|
This format is allowed on calculate signature and verify signature operations only. Because of security weaknesses, this format should be used for compatibility purposes only.</td>
|
|
</tr>
|
|
|
|
<tr>
|
|
<td align="left" valign="top" width="5%"><strong>4</strong></td>
|
|
<td align="left" valign="top" width="95%">Zero pad<br>
|
|
This format is allowed on encryption and decryption operations only. The clear data is placed in the low-order bit positions of a string of the same bit-length as the key modulus. All leading bits are set to zero.</td>
|
|
</tr>
|
|
|
|
<tr>
|
|
<td align="left" valign="top" width="5%"><strong>5</strong></td>
|
|
<td align="left" valign="top" width="95%">ANSI X9.31<br>
|
|
This format is allowed on calculate signature and verify signature operations only.</td>
|
|
</tr>
|
|
|
|
<tr><td><img src="delta.gif" alt="Start of change"></td></tr>
|
|
|
|
<tr>
|
|
<td align="left" valign="top" width="5%"><strong>6</strong></td>
|
|
<td align="left" valign="top" width="95%">OAEP</td>
|
|
</tr>
|
|
|
|
<tr><td><img src="deltaend.gif" alt="End of change"></td></tr>
|
|
|
|
</table>
|
|
<br>
|
|
</dd>
|
|
|
|
<dt><strong>Public key algorithm</strong></dt>
|
|
|
|
<dd>Following are the valid public key algorithms:
|
|
|
|
<table width="95%">
|
|
<tr>
|
|
<td align="left" valign="top" width="5%"><strong>50</strong></td>
|
|
<td align="left" valign="top" width="95%">RSA<br>
|
|
Documented in Public-Key Cryptography Standard (PKCS) #1.</td>
|
|
</tr>
|
|
|
|
</table>
|
|
<br>
|
|
</dd>
|
|
|
|
<dt><strong>Reserved</strong></dt>
|
|
|
|
<dd>Must be null (binary 0s).
|
|
<br><br>
|
|
</dd>
|
|
|
|
<dt><strong>Signing hash algorithm</strong></dt>
|
|
|
|
<dd>The hash algorithm for a sign or verify operation. Following are the valid
|
|
values for the signing hash algorithm:
|
|
|
|
<table width="95%">
|
|
<tr>
|
|
<td align="left" valign="top" width="5%"><strong>0</strong></td>
|
|
<td align="left" valign="top" width="95%">This algorithm context will not be
|
|
used in a sign or verify operation.</td>
|
|
</tr>
|
|
|
|
<tr>
|
|
<td align="left" valign="top" width="5%"><strong>1</strong></td>
|
|
<td align="left" valign="top" width="95%">MD5<br>
|
|
Documented in RFC 1321.</td>
|
|
</tr>
|
|
|
|
<tr>
|
|
<td align="left" valign="top" width="5%"><strong>2</strong></td>
|
|
<td align="left" valign="top" width="95%">SHA-1<br>
|
|
Documented in FIPS 180-2.</td>
|
|
</tr>
|
|
</table>
|
|
<br>
|
|
</dd>
|
|
|
|
<dt><strong>Stream cipher algorithm</strong></dt>
|
|
|
|
<dd>Following are the valid stream cipher algorithms:
|
|
|
|
<table width="95%">
|
|
<tr>
|
|
<td align="left" valign="top" width="5%"><strong>30</strong></td>
|
|
<td align="left" valign="top" width="95%">RC4-compatible</td>
|
|
</tr>
|
|
</table>
|
|
</dd>
|
|
</dl>
|
|
|
|
|
|
<h3>Standards Resources</h3>
|
|
|
|
<ul>
|
|
<li>FIPS publications are available from NIST Computer Security Resource Center
|
|
at <a href="http://csrc.nist.gov/" target="_blank">http://csrc.nist.gov/</a><img src="www.gif" alt="Link outside Information Center">.</li>
|
|
|
|
<li>RFC publications are available from IETF at <a href="http://www.ietf.org" target="_blank">
|
|
http://www.ietf.org/</a><img src="www.gif" alt="Link outside Information Center">.</li>
|
|
|
|
<li>PKCS publications are available from RSA Security Inc. web pages.</li>
|
|
|
|
<li>ANSI and ISO publications are available from the ANSI eStandards store at
|
|
<a href=
|
|
"http://webstore.ansi.org/ansidocstore/" target="_blank">http://webstore.ansi.org/ansidocstore/</a><img src="www.gif" alt="Link outside Information Center">.</li>
|
|
|
|
<li>ISO publications are available from the ISO Store at <a href=
|
|
"http://www.iso.org/iso/en/prods-services/ISOstore/store.html" target="_blank">http://www.iso.org/iso/en/prods-services/ISOstore/store.html</a><img src="www.gif" alt="Link outside Information Center">.</li>
|
|
</ul>
|
|
|
|
<h3>Error Messages</h3>
|
|
|
|
<table width="100%">
|
|
|
|
<tr>
|
|
<th align="left" valign="top">Message ID</th>
|
|
<th align="left" valign="top">Error Message Text</th>
|
|
</tr>
|
|
|
|
<tr>
|
|
<td valign="top" width="15%">CPF24B4 E</td>
|
|
<td valign="top" width="85%">Severe error while addressing parameter list.</td>
|
|
</tr>
|
|
|
|
<tr>
|
|
<td valign="top">CPF3C1E E</td>
|
|
<td valign="top">Required parameter &1 omitted.</td>
|
|
</tr>
|
|
|
|
<tr>
|
|
<td valign="top">CPF3CF1 E</td>
|
|
<td valign="top">Error code parameter not valid.</td>
|
|
</tr>
|
|
|
|
<tr>
|
|
<td valign="top">CPF9872 E</td>
|
|
<td valign="top">Program or service program &1 in library &2 ended. Reason code &3.</td>
|
|
</tr>
|
|
|
|
<tr>
|
|
<td valign="top">CPF9DD2 E</td>
|
|
<td valign="top">Algorithm description format name not valid.</td>
|
|
</tr>
|
|
|
|
<tr>
|
|
<td valign="top">CPF9DD9 E</td>
|
|
<td valign="top">Effective key size not valid.</td>
|
|
</tr>
|
|
|
|
<tr>
|
|
<td valign="top">CPF9DDA E</td>
|
|
<td valign="top">Unexpected return code &1.</td>
|
|
</tr>
|
|
|
|
<tr>
|
|
<td valign="top">CPF9DDE E</td>
|
|
<td valign="top">Cipher algorithm not valid.</td>
|
|
</tr>
|
|
|
|
<tr>
|
|
<td valign="top">CPF9DDF E</td>
|
|
<td valign="top">Block length not valid.</td>
|
|
</tr>
|
|
|
|
<tr>
|
|
<td valign="top">CPF9DE0 E</td>
|
|
<td valign="top">Hash algorithm not valid.</td>
|
|
</tr>
|
|
|
|
<tr>
|
|
<td valign="top">CPF9DE1 E</td>
|
|
<td valign="top">Initialization vector not valid.</td>
|
|
</tr>
|
|
|
|
<tr>
|
|
<td valign="top">CPF9DE2 E</td>
|
|
<td valign="top">MAC (message authentication code) length not valid.</td>
|
|
</tr>
|
|
|
|
<tr>
|
|
<td valign="top">CPF9DE3 E</td>
|
|
<td valign="top">Mode not valid.</td>
|
|
</tr>
|
|
|
|
<tr>
|
|
<td valign="top">CPF9DE4 E</td>
|
|
<td valign="top">Pad option not valid.</td>
|
|
</tr>
|
|
|
|
<tr>
|
|
<td valign="top">CPF9DE5 E</td>
|
|
<td valign="top">PKA (public key algorithm) block format not valid.</td>
|
|
</tr>
|
|
|
|
<tr>
|
|
<td valign="top">CPF9DE6 E</td>
|
|
<td valign="top">Public key algorithm not valid.</td>
|
|
</tr>
|
|
|
|
<tr>
|
|
<td valign="top">CPF9DEE E</td>
|
|
<td valign="top">Reserved field not null.</td>
|
|
</tr>
|
|
|
|
</table>
|
|
|
|
<br>
|
|
<br>
|
|
|
|
|
|
<hr>
|
|
API introduced: V5R3
|
|
|
|
<hr>
|
|
<center>
|
|
<table cellpadding="2" cellspacing="2">
|
|
<tr align="center">
|
|
<td valign="middle" align="center"><a href="#Top_Of_Page">Top</a> | <a href=
|
|
"catcrypt.htm">Cryptographic Services APIs</a> | <a href="aplist.htm">APIs by
|
|
category</a></td>
|
|
</tr>
|
|
</table>
|
|
</center>
|
|
</body>
|
|
</html>
|
|
|