Encipher From Master Key (ENCFRMMSTK)
The Encipher From Master Key (ENCFRMMSTK) command reenciphers a
data-encrypting key from encryption under the host master key to
encryption under one or two sending cross-domain keys.
| Keyword |
Description |
Choices |
Notes |
| CPHK |
Enciphered key value |
Character value |
Required, Positional 1 |
| CRSDMNK1 |
*SND cross-domain key name |
Name |
Required, Positional 2 |
| KRTNVAR1 |
CL var for re-encrypted key |
Character value |
Required, Positional 3 |
| CRSDMNK2 |
*SND cross-domain key name |
Name, *NONE |
Optional, Positional 4 |
| KRTNVAR2 |
CL var for re-encrypted key |
Character value |
Optional, Positional 5 |
Enciphered key value (CPHK)
Specifies an 8-byte value, or a variable containing an 8-byte
value, that is the value of a data-encrypting key enciphered under
the host master key. There are no restrictions on the value of this
parameter. This is a required parameter.
*SND cross-domain key name (CRSDMNK1)
Specifies the name, or a variable containing the name, of a
sending cross-domain key. The value in the Enciphered key
value prompt (CPHK parameter) is decrypted using the host
master key and encrypted using this sending cross-domain key. This
is a required parameter.
CL var for re-encrypted key (KRTNVAR1)
Specifies an 8-byte variable to receive the data-encrypting key
encrypted under the sending cross-domain key. This is a required
parameter.
*SND cross-domain key name (CRSDMNK2)
Specifies the name of a second sending cross-domain key. The
value in the Enciphered key value prompt (CPHK parameter) is
decrypted using the host master key and encrypted using this second
sending cross-domain key.
The possible values are:
- *NONE
- No sending cross-domain key is to be used to encrypt the
data-encrypting key.
- sending-cross-domain-key-name
- Specify the name, or a variable containing the name, of a
sending cross-domain key.
CL var for re-encrypted key (KRTNVAR2)
Specifies an 8-byte variable to receive the data-encrypting key
encrypted under the second sending cross-domain key.