FDRCAMS PUBLICKEY Statement
PUBLICKEY statement
A PUBLICKEY statement is used to invoke RSA public key encryption for the actual encryption key used for all encrypted files created in this IDCAMS step. As described in detail in FDRCRYPT-Techniques-and-Procedures, RSA is a Public Key Algorithm (PKA) that uses a public key to encrypt and a private key to decrypt. RSA is not used to encrypt the data; it is used to encrypt the actual key (for example AESKEY) used to encrypt each file. RSA acts as a form of master key: at the receiving site, the private key is used to decrypt the actual key, which is then used to decrypt the data. An FDRCRYPT master key, an RSA public key, or both can be specified for the same encrypted file; if both are used during encryption, either one can be used to decrypt it.
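The key hierarchy described above, as an added Python example (using the third-party `cryptography` package) that is not FDRCRYPT or ICSF code: one data key encrypts the file and is wrapped under an RSA public key, a master key, or both, so the holder of either can decrypt. The header layout and the choice of RSA-OAEP, AES key wrap and AES-GCM are assumptions made for illustration; the page does not state the formats FDRCRYPT uses.

```python
import os
from cryptography.hazmat.primitives import hashes
from cryptography.hazmat.primitives.asymmetric import padding, rsa
from cryptography.hazmat.primitives.ciphers.aead import AESGCM
from cryptography.hazmat.primitives.keywrap import aes_key_unwrap, aes_key_wrap

# Assumed padding for the RSA wrap; the page does not say what ICSF/FDRCRYPT use.
OAEP = padding.OAEP(mgf=padding.MGF1(hashes.SHA256()),
                    algorithm=hashes.SHA256(), label=None)

def encrypt_file(plaintext, rsa_public=None, master_key=None):
    """Encrypt with a fresh data key, then wrap that key under each supplied key."""
    if rsa_public is None and master_key is None:
        raise ValueError("need an RSA public key, a master key, or both")
    data_key = AESGCM.generate_key(bit_length=256)  # the "actual key" for this file
    header = {"nonce": os.urandom(12)}              # hypothetical header layout
    if rsa_public is not None:
        header["rsa_wrapped"] = rsa_public.encrypt(data_key, OAEP)
    if master_key is not None:
        header["master_wrapped"] = aes_key_wrap(master_key, data_key)
    return header, AESGCM(data_key).encrypt(header["nonce"], plaintext, None)

def decrypt_file(header, ciphertext, rsa_private=None, master_key=None):
    """Recover the data key with whichever key the receiver holds, then decrypt."""
    if rsa_private is not None and "rsa_wrapped" in header:
        data_key = rsa_private.decrypt(header["rsa_wrapped"], OAEP)
    elif master_key is not None and "master_wrapped" in header:
        data_key = aes_key_unwrap(master_key, header["master_wrapped"])
    else:
        raise ValueError("file was not encrypted under any key supplied here")
    return AESGCM(data_key).decrypt(header["nonce"], ciphertext, None)

if __name__ == "__main__":
    private = rsa.generate_private_key(public_exponent=65537, key_size=2048)
    master = os.urandom(32)                         # constructed sample master key
    hdr, ct = encrypt_file(b"constructed sample record", private.public_key(), master)
    print(decrypt_file(hdr, ct, rsa_private=private))
    print(decrypt_file(hdr, ct, master_key=master))
```

The sender needs only the public key, so the private key never has to leave the receiving site.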
PUBLICKEY statement syntax
| PUBLICKEY | LABEL=label |
|---|---|
Only one PUBLICKEY statement is allowed in a given FDRCAMS step; the RSA key is used for all encrypted files created in the step.
FDRCAMS support for RSA requires that the IBM ICSF (Integrated Cryptographic Service Facility) software be configured and active. The RSA keys must be recorded in the ICSF Public Key Data Set (PKDS). See “RSA Public/Private Key Encryption” in FDRCRYPT-Techniques-and-Procedures for details.
PUBLICKEY statement operands
LABEL=
Specifies the label (up to 64 printable characters) of the RSA public key as recorded in the ICSF PKDS. ICSF is invoked to encrypt the actual key with the RSA public key.