Public/private keys are not ideal for the kind of encryption you described in your first message.
If you are looking to perform "bulk encryption" (where you encrypt arbitrarily long pieces of data), you would be better served using a symmetric key (such as AES) for that operation which would be stored in the CKDS.
If we have misunderstood your intent, please feel free to clarify and ask additional questions.
------------------------------
Eric Rossman
------------------------------
Original Message:
Sent: Tue September 19, 2023 06:15 AM
From: Helmut Roese
Subject: Encrypt/Decrypt Data
Hi Roan,
thank you for your answer. My first thought was to use a certificate with a pair of public/private keys for this.
But to create an own key in RACF and use this for encryption/decryption might make it easier. I will try and let you know.
Kind Regards
Helmut
------------------------------
Helmut Roese
COM Software GmbH
Eschborn
------------------------------
Original Message:
Sent: Thu September 14, 2023 12:56 PM
From: Roan Dawkins
Subject: Encrypt/Decrypt Data
Dataset encryption might be an option. Assuming your dataset format is supported, you'll be able to associate a key with the dataset and the system handles all the encryption/decryption.
In any event, you or someone else needs to create the encryption key. I would recommend creating an AES 256-bit CIPHER key so it is Quantum-safe. To create such a key take a look at the CSNBKTB2 and CSNBKGN2 services (KTB2 may not be necessary if the defaults are acceptable). To use that key to encrypt and decrypt data, use the CSNBSAE/CSNBSAD services.
------------------------------
Roan Dawkins