You use the ADD and UPDATE control statements to run KGUP for functions
that involve key generation, maintenance, and distribution. For ADD
and UPDATE control statements, KGUP either imports a key value that
you supply or generates a key value. KGUP allows the creation
and maintenance of clear key tokens in the CKDS. This topic describes
the combinations of control statement keywords you use to perform
these functions. Table 1 shows the keyword
combinations permitted on ADD and UPDATE control statements.
Table 1. Keyword
Combinations Permitted in ADD and UPDATE Control Statements for DES
Keys. Keyword Combinations Permitted in ADD and UPDATE
Control Statements for DES Keys| Control Statement |
LABEL or RANGE |
TYPE |
OUTTYPE |
TRANSKEY or CLEAR |
NOCV |
ALGORITHM |
LENGTH or KEY |
|---|
| ADD |
Yes |
Yes |
Yes1 |
Yes2 |
Yes3 |
Yes |
Yes1 |
|---|
| UPDATE |
Yes |
Yes |
Yes1 |
Yes2 |
Yes3 |
Yes |
Yes1 |
|---|
Note: - OUTTYPE can be used with either TRANSKEY or CLEAR but is mutually
exclusive with KEY.
- TRANSKEY is not valid when TYPE is NULL, CLRDES or CLRAES.
- NOCV is not valid when TRANSKEY is specified with two key labels.
It is not valid when TYPE is CLRDES or CLRAES.
Table 2. Keyword
Combinations Permitted in ADD and UPDATE Control Statements for AES
Keys. Keyword Combinations Permitted in ADD and UPDATE
Control Statements for AES Keys| Control Statement |
LABEL or RANGE |
TYPE |
OUTTYPE |
TRANSKEY or CLEAR |
ALGORITHM |
LENGTH or KEY |
|---|
| ADD |
Yes |
Yes |
Yes1 |
Yes2 |
Required |
Yes1 |
|---|
| UPDATE |
Yes |
Yes |
Yes1 |
Yes2 |
Required |
Yes1 |
|---|
Note: - OUTTYPE can be used with either TRANSKEY or CLEAR but is mutually
exclusive with KEY.
- TRANSKEY is not valid when TYPE is NULL, CLRDES or CLRAES.