- return_code
-
Direction: Output | Type: Integer |
The return code specifies the general result of the callable
service. Appendix A. ICSF and TSS Return and Reason Codes lists the return codes.
- reason_code
-
Direction: Output | Type: Integer |
The reason code specifies the result of the callable service
that is returned to the application program. Each return code has
different reason codes assigned to it that indicates specific processing
problems. Appendix A. ICSF and TSS Return and Reason Codes lists the reason codes.
- exit_data_length
-
Direction: Input/Output | Type: Integer |
The length of the data that is passed to the installation
exit. The length can be from X'00000000' to X'7FFFFFFF' (2
gigabytes). The data is identified in the exit_data parameter.
- exit_data
-
Direction: Input/Output | Type: String |
The data that is passed to the installation exit.
- rule_array_count
-
Direction: Input | Type: Integer |
The number of keywords you are supplying in the rule_array parameter.
The value must be 1 or 2.
- rule_array
-
Direction: Input | Type: Character String |
Keywords that provides control information to the callable
service. The keyword must be in 8 bytes of contiguous storage, left-justified
and padded on the right with blanks.
Table 210. Keywords for SET Block Compose Control InformationKeyword | Meaning |
---|
Block Type (required) |
SET1.00 | The structure of the RSA-OAEP encrypted
block is defined by SET protocol. |
Formatting Information (optional) |
DES-ONLY | DES encryption only is to be performed;
no RSA-OAEP formatting will be performed. (See Usage Notes.) |
- block_contents_identifier
-
Direction: Input | Type: String |
A one-byte string, containing a binary value that will
be copied into the Block Contents (BC) field of the SET DB data block
(indicates what data is carried in the Actual Data Block, ADB, and
the format of any extra data (XData_string)).
This parameter is ignored if DES-ONLY is specified in the rule-array.
- XData_string_length
-
Direction: Input | Type: Integer |
The length in bytes of the data contained within XData_string.
The maximum length is 94 bytes. This parameter is ignored if DES-ONLY
is specified in the rule-array.
- XData_string
-
Direction: Input | Type: String |
Extra-encrypted data contained within the OAEP-processed
and RSA-encrypted block. The format is indicated by block_contents_identifier.
For a XData_string_length value of zero, XData_string must
still be specified, but will be ignored by ICSF. The string is treated
as a string of hexadecimal digits. This parameter is ignored if DES-ONLY
is specified in the rule-array.
- data_to_encrypt_length
-
Direction: Input/Output | Type: Integer |
The length in bytes of data that is to be DES-encrypted.
The length has a maximum value of 32 MB minus 8 bytes to allow for
up to 8 bytes of padding. The data is identified in the data_to_encrypt parameter.
On output, this value is updated with the length of the encrypted
data in the DES_encrypted_data_block.
- data_to_encrypt
-
Direction: Input | Type: String |
The data that is to be DES-encrypted (with a 64-bit DES
key generated by this service). The data will be padded by this service
according to the PKSC #5 padding rules.
- data_to_hash_length
-
Direction: Input | Type: Integer |
The length in bytes of the data to be hashed. The hash
is an optional part of the OAEP block. If the data_to_hash_length is
0, no hash will be included in the OAEP block. This parameter is ignored
if DES-ONLY is specified in the rule_array parameter.
- data_to_hash
-
Direction: Input | Type: String |
The data that is to be hashed and included in the OAEP
block. No hash is computed or inserted in the OAEP block if the data_to_hash_length is
0. This parameter is ignored if DES-ONLY is specified in the rule_array parameter.
- initialization_vector
-
Direction: Input | Type: String |
An 8-byte string containing the initialization vector
to be used for the cipher block chaining for the DES encryption
of the data in the data_to_encrypt parameter. The same
initialization vector must be used to perform the DES decryption
of the data.
- RSA_public_key_identifier_length
-
Direction: Input | Type: Integer |
The length of the RSA_public_key_identifier field.
The maximum size is 2500 bytes. This parameter is ignored if DES-ONLY
is specified in the rule-array.
- RSA_public_key_identifier
-
Direction: Input | Type: String |
A string containing either the key label of the RSA public
key or the RSA public key token to be used to perform the RSA encryption
of the OAEP block. The modulus bit length of the key must be 1024
bytes. This parameter is ignored if DES-ONLY is specified in the rule-array.
- DES_key_block_length
-
Direction: Input/Output | Type: Integer |
The length of the DES_key_block. The current
length of this field is defined to be exactly 64 bytes.
- DES_key_block
-
Direction: Input/Output | Type: String |
The DES key information returned from a previous SET Block
Compose service. The contents of the DES_key_block is
the 64-byte DES internal key token (containing the DES key enciphered
under the host master key). Your application program must not change
the data in this string.
- RSA_OAEP_block_length
-
Direction: Input/Output | Type: Integer |
The length of a block of storage to hold the RSA-OAEP_block.
The length must be at least 128 bytes on input. The length value will
be updated on exit with the actual length of the RSA-OAEP_block,
which is exactly 128 bytes. This parameter is ignored if DES-ONLY
is specified in the rule-array.
- RSA_OAEP_block
-
Direction: Output | Type: String |
The OAEP-formatted data block, encrypted under the RSA
public key passed as RSA_public_key_identifier.
When the OAEP-formatted data block is returned, it is left justified
within the RSA-OAEP_block field if the input field length
(RSA-OAEP_block_length) was greater than 128 bytes.
This parameter is ignored if DES-ONLY is specified in the rule-array.
- chaining_vector
-
Direction: Input/Output | Type: String |
An 18-byte field that ICSF uses as a system work area.
Your application program must not change the data in this string.
This field is ignored by this service, but must be specified.
- DES_encrypted_data_block
-
Direction: Output | Type: String |
The DES-encrypted data block (data passed in as data_to_encrypt).
The length of the encrypted data is returned in data_to_encrypt_length.
The DES_encrypted_data_block may be 8 bytes longer
than the length of the data_to_encrypt because of padding
added by this service.