friedkiwi/ibm-information-center
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
master
ibm-information-center/dist/eclipse/plugins/i5OS.ic.apis_5.4.0.1/qc3impky.htm

507 lines
14 KiB
HTML
Raw Permalink Blame History

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<meta name="Copyright" content="Copyright (c) 2006 by IBM Corporation">
<!-- Begin Header Records -->
<!-- All rights reserved. Licensed Materials Property of IBM -->
<!-- US Government Users Restricted Rights -->
<!-- Use, duplication or disclosure restricted by -->
<!-- GSA ADP Schedule Contract with IBM Corp. -->
<!-- Created for V5R4 by beth hagemeister 8/24/04 -->
<!-- Change history: -->
<!-- 050321 BILLINGS V5R4 Take out format parm -->
<!-- end header records -->
<title>Import Key (QC3IMPKY, Qc3ImportKey)</title>
<link rel="stylesheet" type="text/css" href="../rzahg/ic.css">
</head>
<body>
<a name="Top_Of_Page"></a>
<!--Java sync-link-->
<script type="text/javascript" language="Javascript" src="../rzahg/synch.js">
</script>
<h2>
<img src="delta.gif" alt="Start of change">
Import Key (QC3IMPKY, Qc3ImportKey)</h2>
<div class="box" style="width: 80%;">
<br>
&nbsp;&nbsp;Required Parameter Group:<br>
<!-- iddvc RMBR -->
<br>
<table width="100%">
<tr>
<td align="center" valign="top" width="10%">1</td>
<td align="left" valign="top" width="60%">Key string</td>
<td align="left" valign="top" width="15%">Input</td>
<td align="left" valign="top" width="15%">Char(*)</td>
</tr>
<tr>
<td align="center" valign="top" width="10%">2</td>
<td align="left" valign="top" width="60%">Length of key string</td>
<td align="left" valign="top" width="15%">Input</td>
<td align="left" valign="top" width="15%">Binary(4)</td>
</tr>
<tr>
<td align="center" valign="top" width="10%">3</td>
<td align="left" valign="top" width="60%">Key form</td>
<td align="left" valign="top" width="15%">Input</td>
<td align="left" valign="top" width="15%">Char(1)</td>
</tr>
<tr>
<td align="center" valign="top" width="10%">4</td>
<td align="left" valign="top" width="60%">Key-encrypting key context token</td>
<td align="left" valign="top" width="15%">Input</td>
<td align="left" valign="top" width="15%">Char(8)</td>
</tr>
<tr>
<td align="center" valign="top" width="10%">5</td>
<td align="left" valign="top" width="60%">Key-encrypting algorithm context
token</td>
<td align="left" valign="top" width="15%">Input</td>
<td align="left" valign="top" width="15%">Char(8)</td>
</tr>
<tr>
<td align="center" valign="top" width="10%">6</td>
<td align="left" valign="top" width="60%">Master key ID</td>
<td align="left" valign="top" width="15%">Input</td>
<td align="left" valign="top" width="15%">Binary(4)</td>
</tr>
<tr>
<td align="center" valign="top" width="10%">7</td>
<td align="left" valign="top" width="60%">Disallowed function</td>
<td align="left" valign="top" width="15%">Input</td>
<td align="left" valign="top" width="15%">Binary(4)</td>
</tr>
<tr>
<td align="center" valign="top" width="10%">8</td>
<td align="left" valign="top" width="60%">Master key KVV</td>
<td align="left" valign="top" width="15%">Output</td>
<td align="left" valign="top" width="15%">Char(20)</td>
</tr>
<tr>
<td align="center" valign="top" width="10%">9</td>
<td align="left" valign="top" width="60%">Imported key</td>
<td align="left" valign="top" width="15%">Output</td>
<td align="left" valign="top" width="15%">Char(*)</td>
</tr>
<tr>
<td align="center" valign="top" width="10%">10</td>
<td align="left" valign="top" width="60%">Length of area provided for imported key</td>
<td align="left" valign="top" width="15%">Input</td>
<td align="left" valign="top" width="15%">Binary(4)</td>
</tr>
<tr>
<td align="center" valign="top" width="10%">11</td>
<td align="left" valign="top" width="60%">Length of imported key returned</td>
<td align="left" valign="top" width="15%">Output</td>
<td align="left" valign="top" width="15%">Binary(4)</td>
</tr>
<tr>
<td align="center" valign="top" width="10%">12</td>
<td align="left" valign="top" width="60%">Error code</td>
<td align="left" valign="top" width="15%">I/O</td>
<td align="left" valign="top" width="15%">Char(*)</td>
</tr>
</table>
<br>
&nbsp;Service Program Name: QC3KYIMP<br>
<!-- iddvc RMBR -->
<br>
&nbsp;Default Public Authority: *EXCLUDE<br>
<!-- iddvc RMBR -->
<br>
&nbsp;Threadsafe: Yes<br>
<!-- iddvc RMBR -->
<br>
</div>
<p>The Import Key (OPM, QC3IMPKY; ILE, Qc3ImportKey)
API encrypts a key under the specified master key.
</p>
<br>
<h3>Authorities and Locks</h3>
<dl>
<dt>None.</dt>
</dl>
<br>
<h3>Required Parameter Group</h3>
<dl>
<dt><strong>Key string</strong></dt>
<dd>INPUT; CHAR(*)
<p>The key to be encrypted under a master key. This can be a symmetric key or
a PKA private key.
</p>
</dd>
<dt><strong>Length of key string</strong></dt>
<dd>INPUT; BINARY(4)
<p>Length of the key string specified in the key string parameter.</p>
</dd>
<dt><strong>Key form</strong></dt>
<dd>INPUT; CHAR(1)
<p>An indicator specifying if the key string parameter is in encrypted form.</p>
<table width="95%">
<!-- cols="5 95" -->
<tr>
<td align="left" valign="top" width="5%"><strong>0</strong></td>
<td align="left" valign="top" width="95%">Clear.<br>
The key string is not encrypted.</td>
</tr>
<tr>
<td align="left" valign="top"><strong>1</strong></td>
<td align="left" valign="top">Encrypted.<br>
The key string is encrypted. The key-encrypting key context token and
key-encrypting algorithm context token parameters are used to decrypt the key
string before encrypting it under the specified master key.</td>
</tr>
</table>
<br>
</dd>
<dt><strong>Key-encrypting key context token</strong></dt>
<dd>INPUT; CHAR(8)
<p>The key context token specifying the key for decrypting the key string
parameter. If the key string parameter is not encrypted (key form parameter is
0), this parameter must be set to blanks or the pointer to this parameter set
to NULL.</p>
</dd>
<dt><strong>Key-encrypting algorithm context token</strong></dt>
<dd>INPUT; CHAR(8)
<p>The algorithm context token specifying the algorithm for decrypting the key
string parameter. If the key string parameter is not encrypted (key form
parameter is 0), this parameter must be set to blanks or the pointer to this
parameter set to NULL.</p>
</dd>
<dt><strong>Master key ID</strong></dt>
<dd>INPUT; BINARY(4)
<p>The master key under which the specified key will be encrypted.
For more information about master
keys, refer to <a href="qc3MasterKeys.htm">Cryptographic Services Master Keys</a>.
The master key IDs are
</p>
<table width="100%">
<!-- cols="5 95" -->
<tr>
<td align="left" valign="top" width="15%"><strong>1</strong></td>
<td align="left" valign="top" width="85%">Master key 1</td>
</tr>
<tr>
<td align="left" valign="top" width="15%"><strong>2</strong></td>
<td align="left" valign="top">Master key 2</td>
</tr>
<tr>
<td align="left" valign="top" width="15%"><strong>3</strong></td>
<td align="left" valign="top">Master key 3</td>
</tr>
<tr>
<td align="left" valign="top" width="15%"><strong>4</strong></td>
<td align="left" valign="top">Master key 4</td>
</tr>
<tr>
<td align="left" valign="top" width="15%"><strong>5</strong></td>
<td align="left" valign="top">Master key 5</td>
</tr>
<tr>
<td align="left" valign="top" width="15%"><strong>6</strong></td>
<td align="left" valign="top">Master key 6</td>
</tr>
<tr>
<td align="left" valign="top" width="15%"><strong>7</strong></td>
<td align="left" valign="top">Master key 7</td>
</tr>
<tr>
<td align="left" valign="top" width="15%"><strong>8</strong></td>
<td align="left" valign="top">Master key 8</td>
</tr>
</table>
<br>
</dd>
<dt><strong>Disallowed function</strong></dt>
<dd>INPUT; BINARY(4)
<p>This parameter specifies the functions that cannot be used with this key.
The values listed below can be added together to disallow multiple functions.
For example, to disallow everything but MACing, set the value to hex 11.
This value should be saved along with the encrypted key value because it will
be required when the encrypted key value is used on an API.</p>
<table width="95%">
<!-- cols="5 95" -->
<tr>
<td align="left" valign="top" width="10%"><strong>0</strong></td>
<td align="left" valign="top" width="90%">No functions are disallowed.</td>
</tr>
<tr>
<td align="left" valign="top"><strong>1</strong></td>
<td align="left" valign="top">Encryption is disallowed.</td>
</tr>
<tr>
<td align="left" valign="top"><strong>2</strong></td>
<td align="left" valign="top">Decryption is disallowed.</td>
</tr>
<tr>
<td align="left" valign="top"><strong>4</strong></td>
<td align="left" valign="top">MACing is disallowed.</td>
</tr>
<tr>
<td align="left" valign="top"><strong>8</strong></td>
<td align="left" valign="top">Signing is disallowed.</td>
</tr>
</table>
<br>
</dd>
<dt><strong>Master key KVV</strong></dt>
<dd>OUTPUT; CHAR(20)
<p>The key verification value of the master key that was used to encrypt
the key. This value should be saved along with the encrypted key value.
When the encrypted key value is used on an API and the KVV is supplied, the
API will be able to determine which version of the master key should be used
to decrypt the key.<br>
</p>
</dd>
<dt><strong>Imported key</strong></dt>
<dd>OUTPUT; CHAR(*)
<p>The area to store the imported key.<br>
</p>
</dd>
<dt><strong>Length of area provided for imported key</strong></dt>
<dd>INPUT; BINARY(4)
<p>The length of the imported key parameter.<br>
To ensure sufficient space, specify an area as large as the clear key string
length plus space for padding. The key string will be
encrypted using AES with a 32-byte block size. Therefore, the clear key string
length will always be padded out to the next 32-byte boundary before encrypting.<br>
</p>
</dd>
<dt><strong>Length of imported key returned</strong></dt>
<dd>OUTPUT; BINARY(4)
<p>The length of the imported key returned in the imported key parameter.<br>
If the length of area provided for the imported key is too small, an error will be generated and no data will be returned in the imported key parameter.
</p>
</dd>
<dt><strong>Error code</strong></dt>
<dd>I/O; CHAR(*)
<p>The structure in which to return error information.
For the format of the structure, see <a href="../apiref/error.htm#hdrerrcod">Error Code
Parameter</a>.</p>
</dd>
</dl>
<br>
<h3>Error Messages</h3>
<table cellpadding="3">
<tr>
<th align="left" valign="top">Message ID</th>
<th align="left" valign="top">Error Message Text</th>
</tr>
<tr>
<td width="15%" valign="top">CPF24B4 E</td>
<td width="85%" valign="top">Severe error while addressing parameter list.</td>
</tr>
<tr>
<td valign="top">CPF3C1E E</td>
<td valign="top">Required parameter &amp;1 omitted.</td>
</tr>
<tr>
<td valign="top">CPF3CF1 E</td>
<td valign="top">Error code parameter not valid.</td>
</tr>
<tr>
<td align="left">CPF3CF2 E</td>
<td align="left">Error(s) occurred during running of &amp;1
API.</td>
</tr>
<tr>
<td valign="top">CPF9872 E</td>
<td valign="top">Program or service program &amp;1 in library &amp;2 ended. Reason code &amp;3.</td>
</tr>
<tr>
<td valign="top">CPF9DAA E</td>
<td valign="top">A key requires translation.</td>
</tr>
<tr>
<td valign="top">CPF9DAB E</td>
<td valign="top">A key can not be decrypted.</td>
</tr>
<tr>
<td valign="top">CPF9DAC E</td>
<td valign="top">Disallowed function value not valid.</td>
</tr>
<tr>
<td valign="top">CPF9DAD E</td>
<td valign="top">The master key ID is not valid.</td>
</tr>
<tr>
<td valign="top">CPF9DAF E</td>
<td valign="top">&amp;1 version of master key &amp;2 is not set.</td>
</tr>
<tr>
<td valign="top">CPF9DC2 E</td>
<td valign="top">Key-encrypting algorithm context not compatible with key-encrypting key context.</td>
</tr>
<tr>
<td valign="top">CPF9DD6 E</td>
<td valign="top">Length of area provided for output data is too small.</td>
</tr>
<tr>
<td valign="top">CPF9DD7 E</td>
<td valign="top">The key-encrypting key context for the specified key is not valid or was previously destroyed.</td>
</tr>
<tr>
<td valign="top">CPF9DD8 E</td>
<td valign="top">The key-encrypting algorithm context for the specified key is not valid or was previously destroyed.</td>
</tr>
<tr>
<td valign="top">CPF9DDA E</td>
<td valign="top">Unexpected return code &amp;1.</td>
</tr>
<tr>
<td valign="top">CPF9DDB E</td>
<td valign="top">The key string or Diffie-Hellman parameter string is not valid.</td>
</tr>
<tr>
<td valign="top">CPF9DDD E</td>
<td valign="top">The key string length is not valid.</td>
</tr>
<tr>
<td valign="top">CPF9DE8 E</td>
<td valign="top">Key form not valid.</td>
</tr>
<tr>
<td valign="top">CPF9DF1 E</td>
<td valign="top">The algorithm context token does not reference a valid algorithm context.</td>
</tr>
<tr>
<td valign="top">CPF9DF2 E</td>
<td valign="top">The algorithm context is not found or was previously destroyed.</td>
</tr>
<tr>
<td valign="top">CPF9DF3 E</td>
<td valign="top">Algorithm in algorithm context not valid for requested operation.</td>
</tr>
<tr>
<td valign="top">CPF9DF4 E</td>
<td valign="top">The key context token does not reference a valid key context.</td>
</tr>
<tr>
<td valign="top">CPF9DF5 E</td>
<td valign="top">The key context is not found or was previously destroyed.</td>
</tr>
<tr>
<td valign="top">CPF9DF7 E</td>
<td valign="top">Algorithm context not compatible with key context.</td>
</tr>
<tr>
<td valign="top">CPF9DFC E</td>
<td valign="top">The key-encrypting algorithm or key context token is not valid.</td>
</tr>
</table>
<br>
<img src="deltaend.gif" alt="End of change"><br>
<hr>
API introduced: V5R4
<hr>
<center>
<table cellpadding="2" cellspacing="2">
<tr align="center">
<td valign="middle" align="center"><a href="#Top_Of_Page">Top</a> | <a href=
"catcrypt.htm">Cryptographic Services APIs</a> | <a href="aplist.htm">APIs by
category</a></td>
</tr>
</table>
</center>
</body>
</html>
Reference in New Issue View Git Blame Copy Permalink