z/OS Cryptographic Services ICSF Application Programmer's Guide
Previous topic | Next topic | Contents | Index | Contact z/OS | Library | PDF


Key Import (CSNBKIM and CSNEKIM)

z/OS Cryptographic Services ICSF Application Programmer's Guide
SA22-7522-16

Use the key import callable service to reencipher a key (except an AKEK) from encryption under an importer key-encrypting key to encryption under the master key. The reenciphered key is in operational form.

Choose one of these options:

  • Specify the key_type parameter as TOKEN and specify the external key token in the source_key_identifier parameter. The key type information is determined from the control vector in the external key token.
  • Specify a key type in the key_type parameter and specify an external key token in the source_key_identifier parameter. The specified key type must be compatible with the control vector in the external key token.
  • Specify a valid key type in the key_type parameter and a null key token in the source_key_identifier parameter. The default control vector for the key_type specified will be used to process the key.

For DATA keys, this service generates a key of the same length as that contained in the input token.

The callable service name for AMODE(64) invocation is CSNEKIM.

Go to the previous page Go to the next page

Notices | Terms of use | Support | Contact z/OS | zFavorites



Copyright IBM Corporation 1990, 2014