- return_code
-
Direction: Output | Type: Integer |
The return code specifies the general result of the callable
service. Appendix A. ICSF and TSS Return and Reason Codes lists the return codes.
- reason_code
-
Direction: Output | Type: Integer |
The reason code specifies the result of the callable service
that is returned to the application program. Each return code has
different reason codes assigned to it that indicates specific processing
problems. Appendix A. ICSF and TSS Return and Reason Codes lists the reason codes.
- exit_data_length
-
Direction: Input/Output | Type: Integer |
The length of the data that is passed to the installation
exit. The length can be from X'00000000' to X'7FFFFFFF' (2
gigabytes). The data is identified in the exit_data parameter.
- exit_data
-
Direction: Input/Output | Type: String |
The data that is passed to the installation exit.
- rule_array_count
-
Direction: Input | Type: Integer |
The number of keywords you are supplying in the rule_array parameter.
The value must be 1 or 2.
- rule_array
-
Direction: Input | Type: String |
The process rules for the callable service. The keywords
must be 8 bytes of contiguous storage with the keyword left-justitfied
in its 8-byte location and padded on the right with blanks.
Table 236. Rule Array Keywords for PKA Key Token ChangeKeyword | Meaning |
---|
Algorithm
(optional) |
RSA | Specifies that the key token is for a RSA or
DSS key or trusted block token. This is the default. |
ECC | Specifies that the key token is for an ECC key. |
Reencipherment
method (required) |
RTCMK | If the key_identifier is
an RSA key token, the service will change an RSA private key from
encipherment with the old RSA master key to encipherment with the
current RSA master key.
If the key_identifier is a trusted
block token, the service will change the trusted block's embedded
MAC key from encipherment with the old RSA master key to encipherment
with the current RSA master key.
If the key_identifier is
an ECC key token, the service will change an ECC private key from
encipherment with the old ECC master key to encipherment with the
current ECC master key. |
- key_identifier_length
-
Direction: Input | Type: Integer |
The length of the key_identifier parameter.
The maximum size is 3500 bytes.
- key_identifier
-
Direction: Input/Output | Type: String |
Contains an internal key token of an internal RSA, DSS,
ECC, or trusted block key.
If the key token is an RSA key token,
the private key within the token is securely reenciphered under the
current RSA master key.
If the key token is a Trusted Block
key token, the MAC key within the token is securely reenciphered under
the current RSA master key.
If the key token is an ECC key token,
the private key within the token is securely reenciphered under the
current ECC master key.