Use the diversified key generate service to generate a key based on the key-generating key, the processing method, and the parameter supplied. The control vector of the key-generating key also determines the type of target key that can be generated.

To use this service, specify:

• The rule array keyword to select the diversification process.
• The operational key-generating key from which the diversified keys are generated. The control vector associated with this key restricts the use of this key to the key generation process. This control vector also restricts the type of key that can be generated.
• The data and length of data used in the diversification process.
• The generated-key may be an internal token or a skeleton token containing the desired CV of the generated-key. The generated key CV must be one that is permitted by the processing method and the key-generating key. The generated-key will be returned in this parameter.
• A key generation method keyword. Some keywords require Requires May 2004 or later version of Licensed Internal Code (LIC) or a z890.

This service generates diversified keys as follows:

• Determines if it can support the process specified in rule array.
• Recovers the key-generating key and checks the key-generating key class and the specified usage of the key-generating key.
• Determines that the control vector in the generated-key token is permissible for the specified processing method.
• Determines that the control vector in the generated-key token is permissible by the control vector of the key-generating key.
• Determines the required data length from the processing method and the generated-key CV. Validates the data_length.
• Generates the key appropriate to the specific processing method. Adjusts parity of the key to odd. Creates the internal token and returns the generated diversified key.

The callable service name for AMODE(64) invocation is CSNEDKG.