The return code specifies the general result of the callable service. Appendix A. ICSF and TSS Return and Reason Codes lists the return codes.

The reason code specifies the result of the callable service that is returned to the application program. Each return code has different reason codes assigned to it that indicates specific processing problems. Appendix A. ICSF and TSS Return and Reason Codes lists the reason codes.

The length of the data that is passed to the installation exit. The length can be from X'00000000' to X'7FFFFFFF' (2 gigabytes). The data is identified in the exit_data parameter.

The data that is passed to the installation exit.

The number of keywords you are supplying in the rule_array parameter. The value must be 1 or 2.

Keywords that provides control information to the callable service. The keyword must be in 8 bytes of contiguous storage, left-justified and padded on the right with blanks.

A one-byte string, containing a binary value that will be copied into the Block Contents (BC) field of the SET DB data block (indicates what data is carried in the Actual Data Block, ADB, and the format of any extra data (XData_string)). This parameter is ignored if DES-ONLY is specified in the rule-array.

The length in bytes of the data contained within XData_string. The maximum length is 94 bytes. This parameter is ignored if DES-ONLY is specified in the rule-array.

Extra-encrypted data contained within the OAEP-processed and RSA-encrypted block. The format is indicated by block_contents_identifier. For a XData_string_length value of zero, XData_string must still be specified, but will be ignored by ICSF. The string is treated as a string of hexadecimal digits. This parameter is ignored if DES-ONLY is specified in the rule-array.

The length in bytes of data that is to be DES-encrypted. The length has a maximum value of 32 MB minus 8 bytes to allow for up to 8 bytes of padding. The data is identified in the data_to_encrypt parameter. On output, this value is updated with the length of the encrypted data in the DES_encrypted_data_block.

The data that is to be DES-encrypted (with a 64-bit DES key generated by this service). The data will be padded by this service according to the PKSC #5 padding rules.

The length in bytes of the data to be hashed. The hash is an optional part of the OAEP block. If the data_to_hash_length is 0, no hash will be included in the OAEP block. This parameter is ignored if DES-ONLY is specified in the rule_array parameter.

The data that is to be hashed and included in the OAEP block. No hash is computed or inserted in the OAEP block if the data_to_hash_length is 0. This parameter is ignored if DES-ONLY is specified in the rule_array parameter.

An 8-byte string containing the initialization vector to be used for the cipher block chaining for the DES encryption of the data in the data_to_encrypt parameter. The same initialization vector must be used to perform the DES decryption of the data.

The length of the RSA_public_key_identifier field. The maximum size is 2500 bytes. This parameter is ignored if DES-ONLY is specified in the rule-array.

A string containing either the key label of the RSA public key or the RSA public key token to be used to perform the RSA encryption of the OAEP block. The modulus bit length of the key must be 1024 bytes. This parameter is ignored if DES-ONLY is specified in the rule-array.

The length of the DES_key_block. The current length of this field is defined to be exactly 64 bytes.

The DES key information returned from a previous SET Block Compose service. The contents of the DES_key_block is the 64-byte DES internal key token (containing the DES key enciphered under the host master key). Your application program must not change the data in this string.

The length of a block of storage to hold the RSA-OAEP_block. The length must be at least 128 bytes on input. The length value will be updated on exit with the actual length of the RSA-OAEP_block, which is exactly 128 bytes. This parameter is ignored if DES-ONLY is specified in the rule-array.

The OAEP-formatted data block, encrypted under the RSA public key passed as RSA_public_key_identifier. When the OAEP-formatted data block is returned, it is left justified within the RSA-OAEP_block field if the input field length (RSA-OAEP_block_length) was greater than 128 bytes. This parameter is ignored if DES-ONLY is specified in the rule-array.

An 18-byte field that ICSF uses as a system work area. Your application program must not change the data in this string. This field is ignored by this service, but must be specified.

The DES-encrypted data block (data passed in as data_to_encrypt). The length of the encrypted data is returned in data_to_encrypt_length. The DES_encrypted_data_block may be 8 bytes longer than the length of the data_to_encrypt because of padding added by this service.