Generate a Key

Before you begin with the rest of the instructions, you need to generate keys for the algorithm keyset and encryption profile.

The key value in the keyset and Initialization Vector (IV) parameter in the encryption profile are not the same values. These values in the encryption profile should match their corresponding values in the decryption profile. The value is a hexadecimal (hex) string that begins with 0x and continues with hex digits for a particular length. A hex digit is a single character in the list 0-9 and a-f (lowercase). Both the IV and the key value have the same length. To determine the length of the key, you need the number of bits of the algorithm.

For example, the algorithm aes_ks256_cbc_encrypt requires a 256 binary digit (bit) key. Divide the key length by 4 to get the number of hex digits. For example, 256 / 4 = 64. This means that you need a 64-character hex string for a 256-bit algorithm. Generate a random hex string of the necessary length, prepend the string with 0x, and this becomes your key. Create a separate key for the keyset and for the IV parameter (in Encryption Profile).

Here is an example of an algorithm to generate a hex string of a given length.

/* Generate a random hex key of the specified length */
Arg length
hexstring=''
Do While length > 0
	length = length - 1
	digitpos = random(0,15) + 1
	hexchar = substr('0123456789abcdef',digitpos,1)
	hexstring=hexstring||hexchar
End
Say hexstring