z/OS Cryptographic Services ICSF Application Programmer's Guide
Previous topic | Next topic | Contents | Index | Contact z/OS | Library | PDF


Parameters

z/OS Cryptographic Services ICSF Application Programmer's Guide
SA22-7522-16

return_code
Direction: OutputType: Integer

The return code specifies the general result of the callable service. Appendix A. ICSF and TSS Return and Reason Codes lists the return codes.

reason_code
Direction: OutputType: Integer

The reason code specifies the result of the callable service that is returned to the application program. Each return code has different reason codes that indicate specific processing problems. Appendix A. ICSF and TSS Return and Reason Codes lists the reason codes.

exit_data_length
Direction: Input/OutputType: Integer

The length of the data that is passed to the installation exit. The length can be from X'00000000' to X'7FFFFFFF' (2 gigabytes). The data is identified in the exit_data parameter.

exit_data
Direction: Input/OutputType: String
The data that is passed to the installation exit.
key_identifier_length
Direction: InputType: String

The length of the key_identifier parameter. For the KEY-CLR keyword, the length is in bytes and includes only the value of the key length. The key length value can be 16, 24, or 32. For the KEYIDENT keyword, the length must be 64.

key_identifier
Direction: InputType: String

For the KEY-CLR keyword, this specifies the clear AES key. The parameter must be left justified. For the KEYIDENT keyword, this specifies an internal clear AES token or the label name of a clear AES key in the CKDS. Normal CKDS label name syntax is required.

text_length
Direction: InputType: Integer

The length of the text you supply in the text parameter. The maximum length of text is 2147483647 bytes. If the text_length is not a multiple of 8 bytes and if the ONLY or LAST keyword of the rule_array parameter is called, the text is padded in accordance with the processing rule specified.

text
Direction: InputType: String

The application-supplied text for which the MAC is generated.

rule_array_count
Direction: InputType: Integer

The number of keywords specified in the rule_array parameter. The value can be 1, 2, 3 or 4.

rule_array
Direction: InputType: Character string

This keyword provides control information to the callable service. The keywords must be eight bytes of contiguous storage with the keyword left-justified in its 8-byte location and padded on the right with blanks.

You can specify one of the MAC processing rules and then choose one of the segmenting control keywords and one of the MAC length keywords.

Table 157. Keywords for symmetric MAC generate control information
KeywordMeaning
Algorithm (required)
AESSpecifies that the Advanced Encryption Standard (AES) algorithm is to be used.
MAC processing rule (optional)
CBC-MACCBC MAC with padding for any key length. This is the default value.
XCBC-MACAES-XCBC-MAC-96 and AES-XCBC-PRF-128 MAC generation with padding for 128-bit keys.
Key rule (optional)
KEY-CLRThis specifies that the key parameter contains a clear key value. This is the default value.
KEYIDENTThis specifies that the key_identifier field will be an internal clear token or the label name of a clear key in the CKDS. Normal CKDS label name syntax is required.
Segmenting Control (optional)
FIRSTFirst call, this is the first segment of data from the application program.
LASTLast call; this is the last data segment.
MIDDLEMiddle call; this is an intermediate data segment.
ONLYOnly call; segmenting is not employed by the application program. This is the default value.
chaining_vector_length
Direction: Input/OutputType: Integer

The length of the chaining_vector parameter. On output, the actual length of the chaining vector will be stored in the parameter.

chaining_vector
Direction: Input/OutputType: String

This field is used as a system work area for the chaining vector. Your application program must not change the data in this string. The chaining vector holds the output chaining vector from the caller.

The mapping of the chaining_vector depends on the algorithm specified. For AES, the chaining_vector field must be at least 36 bytes in length.

reserved_data_length
Direction: InputType: Integer

Reserved for future use. Value must be zero.

reserved_data
Direction: IgnoredType: String

Reserved for future use.

mac_length
Direction: InputType: Integer

The length in bytes of the MAC to be returned in the mac field. The allowable values are 12 and 16 bytes.

mac
Direction: OutputType: String

The 12-byte or 16-byte field in which the callable service returns the MAC value if the segmenting rule is ONLY or LAST.

text_id_in
Direction: InputType: Integer

For CSNBSMG1 and CSNESMG1 only, the ALET of the text for which the MAC is generated.

Go to the previous page Go to the next page

Notices | Terms of use | Support | Contact z/OS | zFavorites



Copyright IBM Corporation 1990, 2014