IBM Crypto Education Community

Join the IBM Crypto Education community to explore and understand IBM cryptography technology. This community is operated and maintained by the IBM Crypto Development team.

  • 1.  EXPORT/IMPORT KEK problem

    Posted 2 days ago

    The following scenario:

    CSNDSYX is used to export an AES key. The KEK is an AES EXPORTER, labeled KEK.EXP1.

    Then CSNDSYI2 is used to import the AES key on another system.

    The output (enciphered_key) from CSNDSYX is sent to CSNDSYI2 and used as an input.

    The REXX script pair works with AES CIPHER with the following rules: AES, AESKW.

    BTW: the script pair also works for HMAC (rules: HMAC, AESKW) and DES (rules: DES, AESKWCV).

    Then I tried to send an EXPORTER key, let's say labeled EXP2. In other words: EXP2 is exported using KEK.EXP1.

    CSNDSYX ended OK (rc=0) and I got the enciphered key. Note, the output is longer than for a regular AES CIPHER (CIPHER: '88'x, EXPORTER: '8C'x).

    So far, so good...

    However CSNDSYI2 fails with RC=8, RSN=841. 

    It seems the SYX output cannot be used as SYI2 input; however, I see no reason why.

    Any clue? 



    ------------------------------
    Radosław Skorupka
    ------------------------------


  • 2.  RE: EXPORT/IMPORT KEK problem

    Posted 2 days ago

    As far as I can see, this should work. I'll ask around for an example.
    To be clear, you are exporting an AES CIPHER key using an AES EXPORTER with rules AES, AESKW?



    ------------------------------
    Eric Rossman
    ------------------------------



  • 3.  RE: EXPORT/IMPORT KEK problem

    Posted 2 days ago

    Yes, it is AES, AESKW and AES EXPORTER.

    Code:

    EXPORT

    exporter_key_label = LEFT('KEK.EXPORT.BBB.CCC'      ,64) 
    aes_data_key_label = LEFT('KEK.EXPORT.BBB.DDD'      ,64) /*it's also exporter*/
                                                             

    syx_rc                    = 'FFFFFFFF'x          
    syx_rs                    = 'FFFFFFFF'x          
    syx_exit_length           = '00000000'x 
    syx_exit_data             = ''            
    syx_rule_array_count      = '00000002'x                  
    syx_rule_array            = 'AES     ' !!,               
                                'AESKW   '                   
    syx_source_key_length     = '00000040'x                  
    syx_source_key            = aes_data_key_label           
    syx_transport_key_length  = '00000040'x                  
    syx_transport_key         = exporter_key_label           
    syx_enciphered_key_length = '00000384'x                  
    syx_enciphered_key        = COPIES('00'x,900)            
    CALL CSNDSYX                         
    ...
    EXIT

    CSNDSYX:                                                     
    ADDRESS linkpgm "CSNDSYX",                                   
       'syx_rc'                          'syx_rs'               ,
       'syx_exit_length'                 'syx_exit_data'        ,
       'syx_rule_array_count'            'syx_rule_array'       ,
       'syx_source_key_length'           'syx_source_key'       ,
       'syx_transport_key_length'        'syx_transport_key'    ,
       'syx_enciphered_key_length'       'syx_enciphered_key'    
                                                           
    RETURN      
    ===============================================================
    IMPORT

    importer_key_label = LEFT('KEK.IMPORT.BBB.CCC',64)                  
                                                                        
    /* key to be imported                     */            
    aes_data_key_label = LEFT('KEK.IMPORTED',64)
    /*taken from syx_enciphered_key */     
    encrypted_key = ,                                                     
    '0200008C050000000202B970C082F3C8A0C50000000000000000020200000100'x!!,
    '001E0000000002800002000304FC000000E000F80003E0000000031418BBBAD4'x!!,
    '00C1217B9C2DF8C32BA488FC83512DBADB6619FF44B49F460088AB2A1A960B4D'x!!,
    '2A17CF24FA20E45E6527D21098951850D632AD4F50D30245926CAFA48A4B8792'x!!,
    'B801280017F3D24232BC75D4'                                            
    /* taken from syx_enciphered_key_length */
    encrypted_key_length = '0000008C'x                                    

    syi2_rc               = 'FFFFFFFF'x                              
    syi2_rs               = 'FFFFFFFF'x                              
    syi2_exit_length      = '00000000'x                              
    syi2_exit_data        = ''                                       
    syi2_key_name_length  = '00000000'x                              
    syi2_key_name         = ''                                       
    syi2_rule_count            = '00000002'x             
    syi2_rule_array            = 'AES     ' !! 'AESKW   '         
    syi2_enciphered_key_length = encrypted_key_length    
    syi2_enciphered_key        = encrypted_key           
    syi2_transport_key_length  = '00000040'x             
    syi2_transport_key         = importer_key_label      
    syi2_target_key_length     = '000002D5'x             
    syi2_target_key            = copies('00'x,725)       
    CALL CSNDSYI2                                        
    ...
    EXIT

    CSNDSYI2:                                                        
    ADDRESS linkpgm "CSNDSYI2",                                      
       'syi2_rc'                          'syi2_rs'                 ,
       'syi2_exit_length'                 'syi2_exit_data'          ,
       'syi2_rule_count'                  'syi2_rule_array'         ,
       'syi2_enciphered_key_length'       'syi2_enciphered_key'     ,
       'syi2_transport_key_length'        'syi2_transport_key'      ,
       'syi2_key_name_length'             'syi2_key_name'           ,
       'syi2_target_key_length'           'syi2_target_key'          

    RETURN



    ------------------------------
    Radosław Skorupka
    ------------------------------



  • 4.  RE: EXPORT/IMPORT KEK problem

    Posted 2 days ago

    You have a typo in your import job. You left off the X on the last line of the encrypted_key.



    ------------------------------
    Eric Rossman
    ------------------------------



  • 5.  RE: EXPORT/IMPORT KEK problem

    Posted 14 hours ago

    Silly me!

    Of course it was missing 'x'. Now it works as expected. 

    Thank you Eric!



    ------------------------------
    Radosław Skorupka
    ------------------------------
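
An added example (not code from the thread or from IBM) of a pre-flight check that catches the dropped x described in answer 4 before the token reaches the import call: it compares the literal's real length with the declared length and with the length read from the token header. The sample token is constructed, and reading the length from bytes 3-4 is an assumption based on the 008C visible at that position in the posted token.

```rexx
/* REXX - added example: sanity-check a hand-pasted hex token before use  */
/* Concatenation is written here as || (the posts show it as !!).         */

/* Constructed sample, not a real key token: 16 bytes, bytes 3-4 = 0010   */
good = '0200001005000000'x ||,
       'A1A2A3A4A5A6A7A8'x

/* Same literal with the trailing x left off the last segment, so that    */
/* segment is 16 characters of text instead of 8 binary bytes             */
bad  = '0200001005000000'x ||,
       'A1A2A3A4A5A6A7A8'

/* Value that would be passed as the enciphered key length parameter      */
declared_length = '00000010'x

CALL check 'good', good, declared_length
CALL check 'bad',  bad,  declared_length
EXIT

/* Compare three views of the token length; any disagreement means the    */
/* variable does not hold the binary token that the export returned       */
check: PROCEDURE
  PARSE ARG name, token, declared
  actual = LENGTH(token)               /* bytes really in the variable    */
  want   = C2D(declared)               /* length parameter as a number    */
  in_hdr = C2D(SUBSTR(token, 3, 2))    /* assumption: bytes 3-4 = length  */
  SAY name': actual='actual 'declared='want 'header='in_hdr
  IF actual <> want | actual <> in_hdr THEN
    SAY '  MISMATCH: check that every segment of the literal ends in x'
  ELSE
    SAY '  lengths agree'
  RETURN
```

Running the same three-way comparison on the real encrypted_key and encrypted_key_length before CALL CSNDSYI2 turns a malformed literal into a clear local message instead of a return code from the service.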