z/OS Cryptographic Services ICSF Application Programmer's Guide
Previous topic | Next topic | Contents | Index | Contact z/OS | Library | PDF


Usage Notes

z/OS Cryptographic Services ICSF Application Programmer's Guide
SA22-7522-16

These usage notes only apply to CCF systems.

This service produces an internal DATA token with a control vector which is usable on the Cryptographic Coprocessor Feature. If a valid internal token is supplied as input to the service in the key_identifier field, that token's control vector will not be used in the encryption of the clear key value.

This service marks this internal key token CDMF or DES, according to the system's default encryption algorithm, unless token copying overrides this. The service marks this internal key token CDMF or DES, according to the system's default encryption algorithm, unless token copying overrides this. See System Encryption Algorithm for details.

The Clear Key Import/Multiple Clear Key Import - DES access control point controls the function of this service.

This table lists the required cryptographic hardware for each server type and describes restrictions for this callable service.

Table 10. Clear key import required hardware
ServerRequired cryptographic hardwareRestrictions
IBM eServer zSeries 900Cryptographic Coprocessor Feature
IBM eServer zSeries 890

IBM eServer zSeries 990

PCI X Cryptographic Coprocessor/Crypto Express2 CoprocessorThere are no internal token markings for CDMF or DES. There is no token copying.
IBM System z9 EC

IBM System z9 BC

Crypto Express2 CoprocessorThere are no internal token markings for CDMF or DES. There is no token copying.

Go to the previous page Go to the next page

Notices | Terms of use | Support | Contact z/OS | zFavorites



Copyright IBM Corporation 1990, 2014