Usage notes

The hardware configuration sets the limit on the modulus size of keys for key management; thus, this verb will fail if the RSA key modulus bit length exceeds this limit.

Use of PKA92 with an input NOCV key-encrypting key token is not supported.

During initialization of a CEX*C, an Environment Identifier (EID) of zero will be set in the coprocessor. This is interpreted by the Symmetric Key Import verb to mean that environment identification checking is to be bypassed. Thus it is possible on a Linux® on IBM® Z system for a key-encrypting key RSA-enciphered at a node (EID) to be imported at the same node.