You can reencipher a PKDS either using the panels or the utility program.
You pass the same parameters whether you call the program as a batch job or from another program.
Bytes 0-1: Length of the parameter string in binary
Bytes 2-n: The parameter string
The parameter string is the same as that which you would specify using the PARM keyword on the EXEC JCL statement if you invoked the program as a batch job.
//STEP EXEC PGM=CSFPUTIL,PARM='OLD.PKDS,NEW.PKDS,RECIPHER'
The first parameter passed, OLD.PKDS, is the name of the PKDS to reencipher. The second parameter, NEW.PKDS, is the name of an empty PKDS where you want ICSF to place the reenciphered keys.
When you invoke the program as a batch job, you receive the return code in a message when the job completes. You do not receive a reason code with the return code. The return codes are explained in Return and reason codes for the CSFPUTIL program.