0 | X'01' (flag indicating this
is an internal key token) |
1-3 | Implementation-dependent bytes (X'000000' for ICSF) |
4 | Key token version number (X'04') |
5 | Reserved - must be set to X'00' |
6 | Flag byte
- Bit
- Meaning When Set On
- 0
- Encrypted key and master key verification pattern (MKVP) are
present.
Off for a clear key token, on for an encrypted key token.
- 1
- Control vector (CV) value in this token has been applied to
the key.
- 2
- No key is present or the AES MKVP is not present if the key
is encrypted.
- 3- 7
- Reserved. Must be set to 0.
|
7 | 1-byte LRC checksum of clear key
value. |
8-15 | Master key verification pattern (MKVP)
(For
a clear AES key token this value will be hex zeros.) |
16-47 | 128-bit, 192-bit, or 256-bit key
value, left-justified and padded on the right with hex zeros. |
48-55 | 8-byte control vector.
(For a
clear AES key token this value will be hex zeros.) |
56-57 | 2-byte integer specifying the length
in bits of the clear key value. |
58-59 | 2-byte integer specifying the length
in bytes of the encrypted key value.
(For a clear AES key token
this value will be hex zeros.) |
60-63 | Token validation value (TVV). See Token Validation Value for more information. |