z/OS Cryptographic Services ICSF Application Programmer's Guide
Previous topic | Next topic | Contents | Index | Contact z/OS | Library | PDF


Parameters

z/OS Cryptographic Services ICSF Application Programmer's Guide
SA22-7522-16

return_code
Direction: OutputType: Integer

The return code specifies the general result of the callable service. Appendix A. ICSF and TSS Return and Reason Codes lists the return codes.

reason_code
Direction: OutputType: Integer

The reason code specifies the result of the callable service that is returned to the application program. Each return code has different reason codes assigned to it that indicates specific processing problems. Appendix A. ICSF and TSS Return and Reason Codes lists the reason codes.

exit_data_length
Direction: Input/OutputType: Integer

The length of the data that is passed to the installation exit. The length can be from X'00000000' to X'7FFFFFFF' (2 gigabytes). The data is identified in the exit_data parameter.

exit_data
Direction: Input/OutputType: String

The data that is passed to the installation exit.

rule_array_count
Direction: InputType: Integer

The number of keywords you are supplying in the rule_array parameter. The value must be 1 or 2.

rule_array
Direction: InputType: String

The process rules for the callable service. The keywords must be 8 bytes of contiguous storage with the keyword left-justitfied in its 8-byte location and padded on the right with blanks.

Table 236. Rule Array Keywords for PKA Key Token Change
KeywordMeaning
Algorithm (optional)
RSASpecifies that the key token is for a RSA or DSS key or trusted block token. This is the default.
ECCSpecifies that the key token is for an ECC key.
Reencipherment method (required)
RTCMKIf the key_identifier is an RSA key token, the service will change an RSA private key from encipherment with the old RSA master key to encipherment with the current RSA master key.

If the key_identifier is a trusted block token, the service will change the trusted block's embedded MAC key from encipherment with the old RSA master key to encipherment with the current RSA master key.

If the key_identifier is an ECC key token, the service will change an ECC private key from encipherment with the old ECC master key to encipherment with the current ECC master key.

key_identifier_length
Direction: InputType: Integer

The length of the key_identifier parameter. The maximum size is 3500 bytes.

key_identifier
Direction: Input/OutputType: String

Contains an internal key token of an internal RSA, DSS, ECC, or trusted block key.

If the key token is an RSA key token, the private key within the token is securely reenciphered under the current RSA master key.

If the key token is a Trusted Block key token, the MAC key within the token is securely reenciphered under the current RSA master key.

If the key token is an ECC key token, the private key within the token is securely reenciphered under the current ECC master key.

Go to the previous page Go to the next page

Notices | Terms of use | Support | Contact z/OS | zFavorites



Copyright IBM Corporation 1990, 2014