The clear key import services takes a single clear key value and returns an operational DES DATA key. The multiple clear key import services take a single clear key value and return an operational AES or DES DATA key.
The key part import services allow applications to create a key using key parts. The key parts are combined together to form a complete key. The key part import service is used with DES keys and the Key Part Import2 service is used with AES keys. A key in the CKDS can be used by these services. The key part bit must be enable in the DES control vector or the AES key associated data for the key to be processed by these services.
The secure key import services are used to create a key from a single clear key part. The key can be in operational or importable form. The multiple secure key import and secure key import services support DES and AES keys in the fixed-length format token. The Secure Key Import2 service supports AES keys in the variable-length format token. Note that the Special Secure Mode control must be enabled to use these services.
The use of these callable services is optional and should be enabled as required for authorized usage. Enabling these callable services is not recommended for production and usage requires special consideration.
For more information about these callable service, see z/OS Cryptographic Services ICSF Application Programmer's Guide.