The return code specifies the general result of the callable service. Appendix A. ICSF and TSS Return and Reason Codes lists the return codes.

The reason code specifies the result of the callable service that is returned to the application program. Each return code has different reason codes that indicate specific processing problems. Appendix A. ICSF and TSS Return and Reason Codes lists the reason codes.

The length of the data that is passed to the installation exit. The length can be from X'00000000' to X'7FFFFFFF' (2 gigabytes). The data is identified in the exit_data parameter.

The data that is passed to the installation exit.

The number of keywords you supplied in the rule_array parameter. The value must be 3.

The rule_array contains keywords that provide control information to the callable service. The keywords must be in contiguous storage with each of the keywords left-justified in its own 8-byte location and padded on the right with blanks.

The length of the value supplied in the clear_key parameter in bits. Valid lengths are 80 to 2048 for HMAC keys, and 128, 192, or 256 for AES keys.

The value of the key to be imported. The value should be left justified and padded on the right with zeros to a byte boundary if the clear_key_bit_length is not a multiple of 8.

The length of the key_name parameter. Valid values are 0 and 64.

A 64-byte key store label to be stored in the associated data structure of the token.

The length of the user-associated data. The valid values are 0 to 255 bytes.

User-associated data to be stored in the associated data structure.

The byte length of the key_encrypting_key_identifier parameter. When Key Form is OP, the value must be zero. When Key Form is IM, the value must be between the actual length of the token and 725 when key_encrypting_key_identifier is a token. The value must be 64 when key_encrypting_key_identifier is a label.

When the Key Form rule is OP, key_encrypting_key_identifier is ignored. When the Key Form rule is IM, key_encrypting_key_identifier contains an internal key token containing the AES importer key-encrypting key or a key label.

If the token supplied was encrypted under the old master key, the token will be returned encrypted under the current master key.

On input, the byte length of the buffer for the target_key_identifier parameter. The buffer must be large enough to receive the target key token. The maximum value is 900 bytes.

On output, the parameter will hold the actual length of the target key token.

The output key token. On input, this parameter is ignored except when the Key Type keyword is TOKEN. If you specify the TOKEN keyword, then this field contains a valid token of the key type you want to import. On output, when Key Form is OP, this will be an internal variable-length symmetric token. When Key Form is IM, this will be an external variable-length symmetric token. See rule_array for a list of valid key types.