Skip to content

/AWS1/CL_PCYWRAPPEDKEY

Parameter information for generating a WrappedKeyBlock for key exchange.

CONSTRUCTOR

IMPORTING

Required arguments:

iv_wrappingkeyarn TYPE /AWS1/PCYKEYARN /AWS1/PCYKEYARN

The KeyARN of the wrapped key.

iv_wrappedkeymaterialformat TYPE /AWS1/PCYWRAPPEDKEYMATERIALFMT /AWS1/PCYWRAPPEDKEYMATERIALFMT

The key block format of a wrapped key.

iv_keymaterial TYPE /AWS1/PCYKEYMATERIAL /AWS1/PCYKEYMATERIAL

Parameter information for generating a wrapped key using TR-31 or TR-34 skey exchange method.

Optional arguments:

iv_keycheckvalue TYPE /AWS1/PCYKEYCHECKVALUE /AWS1/PCYKEYCHECKVALUE

The key check value (KCV) is used to check if all parties holding a given key have the same key or to detect that a key has changed.

iv_keycheckvaluealgorithm TYPE /AWS1/PCYKEYCHECKVALUEALG /AWS1/PCYKEYCHECKVALUEALG

The algorithm that Amazon Web Services Payment Cryptography uses to calculate the key check value (KCV). It is used to validate the key integrity.

For TDES keys, the KCV is computed by encrypting 8 bytes, each with value of zero, with the key to be checked and retaining the 3 highest order bytes of the encrypted result. For AES keys, the KCV is computed using a CMAC algorithm where the input data is 16 bytes of zero and retaining the 3 highest order bytes of the encrypted result.

Queryable Attributes

WrappingKeyArn

The KeyARN of the wrapped key.

Accessible with the following methods

Method Description
GET_WRAPPINGKEYARN() Getter for WRAPPINGKEYARN, with configurable default
ASK_WRAPPINGKEYARN() Getter for WRAPPINGKEYARN w/ exceptions if field has no valu
HAS_WRAPPINGKEYARN() Determine if WRAPPINGKEYARN has a value

WrappedKeyMaterialFormat

The key block format of a wrapped key.

Accessible with the following methods

Method Description
GET_WRAPPEDKEYMATERIALFORMAT() Getter for WRAPPEDKEYMATERIALFORMAT, with configurable defau
ASK_WRAPPEDKEYMATERIALFORMAT() Getter for WRAPPEDKEYMATERIALFORMAT w/ exceptions if field h
HAS_WRAPPEDKEYMATERIALFORMAT() Determine if WRAPPEDKEYMATERIALFORMAT has a value

KeyMaterial

Parameter information for generating a wrapped key using TR-31 or TR-34 skey exchange method.

Accessible with the following methods

Method Description
GET_KEYMATERIAL() Getter for KEYMATERIAL, with configurable default
ASK_KEYMATERIAL() Getter for KEYMATERIAL w/ exceptions if field has no value
HAS_KEYMATERIAL() Determine if KEYMATERIAL has a value

KeyCheckValue

The key check value (KCV) is used to check if all parties holding a given key have the same key or to detect that a key has changed.

Accessible with the following methods

Method Description
GET_KEYCHECKVALUE() Getter for KEYCHECKVALUE, with configurable default
ASK_KEYCHECKVALUE() Getter for KEYCHECKVALUE w/ exceptions if field has no value
HAS_KEYCHECKVALUE() Determine if KEYCHECKVALUE has a value

KeyCheckValueAlgorithm

The algorithm that Amazon Web Services Payment Cryptography uses to calculate the key check value (KCV). It is used to validate the key integrity.

For TDES keys, the KCV is computed by encrypting 8 bytes, each with value of zero, with the key to be checked and retaining the 3 highest order bytes of the encrypted result. For AES keys, the KCV is computed using a CMAC algorithm where the input data is 16 bytes of zero and retaining the 3 highest order bytes of the encrypted result.

Accessible with the following methods

Method Description
GET_KEYCHECKVALUEALGORITHM() Getter for KEYCHECKVALUEALGORITHM, with configurable default
ASK_KEYCHECKVALUEALGORITHM() Getter for KEYCHECKVALUEALGORITHM w/ exceptions if field has
HAS_KEYCHECKVALUEALGORITHM() Determine if KEYCHECKVALUEALGORITHM has a value