> -----Original Message----- > From: IBM Mainframe Discussion List > [mailto:[email protected]] On Behalf Of John Kasperer > Sent: Saturday, April 02, 2011 4:58 PM > To: [email protected] > Subject: Re: Help needed for RC=12 from ICSF CSNBENC/DEC with > z10+CPACF > > ICSF callable services CSNBENC or CSNBDEC are only for ICSF > **secure key** processing, so clear keys cannot be used. I > agree that the rc=12 is misleading...
Thanks for the clear answer. That fact is not at all clear in the ICSF documentation, at least not that I have found in the Application Programmer's Guide so far. If such is the case, what are the options to store a clear key in the CKDS and invoke an encryption/decryption subroutine that takes as an argument only the "label" of that key and not the clear key itself? The goal here is to have the clear key stored in the protected CKDS (only authorized security team personnel allowed to access) and permit ordinary non-authorized application code to use the key label for encryption and decryption of data fields. TIA for any further info/RTFM you can provide. Peter -- This message and any attachments are intended only for the use of the addressee and may contain information that is privileged and confidential. If the reader of the message is not the intended recipient or an authorized representative of the intended recipient, you are hereby notified that any dissemination of this communication is strictly prohibited. If you have received this communication in error, please notify us immediately by e-mail and delete the message and any attachments from your system. ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html
