Encrypting and Decrypting with the IGGENC Macro
When you bypass the access methods, you can use the IGGENC macro to encrypt and decrypt data such that the result is compatible with how the access methods encrypt records. This section describes how to use IGGENC with basic format and large format data sets that are SMS-managed. Data set encryption is described further in z/OS DFSMS Using Data Sets.
Encryption and decryption require the functions of Integrated Cryptographic Service Facility (ICSF). One of the ICSF functions is to manage access to your encryption key. You can use a cryptographic service such as ICSF to generate a random encryption key but you cannot see your encryption key. You provide a name for the key and you use that name. The name is called a "key label". The key label is not a secret but its key is a secret even from the owner of the key.
- Connect to the encryption function.
- Encrypt or decrypt one or more blocks of data. These require that your program either call the connect function first or open an encrypted basic or large format data set.
- Disconnect from the encryption function.