Key Token Change (CSNBKTC)
Use the Key Token Change verb to re-encipher a DES or AES key from encryption under the old master-key to encryption under the current master-key and to update the keys in internal DES or AES key-tokens.
Note:
- An application system is responsible for keeping all of its keys in a usable form. When the master key is changed, the CEX*C implementations can use an internal key that is enciphered by either the current or the old master-key. Before the master key is changed a second time, it is important to have a key re-enciphered under the current master-key for continued use of the key. Use the Key Token Change verb to re-encipher such a keys.
- Previous implementations of IBM® CCA products had additional capabilities with this verb such as deleting key records and key tokens in key storage. Also, use of a wild card (*) was supported in those implementations.
This verb does not need to document any Usage notes.