Field Keys Menu

The Key Policy and Security Menu allows you to control the environment settings for Powertech Encryption for IBM i’s Key Management System. These settings are encrypted with the Product Encryption Key (PEK) and are stored in the CRYPTO library by default.

How to Get There

From the Field Encryption Menu, choose option 20, Field Keys Menu. Or, execute the command GO CRYPTO/CRYPTO7.

Options

1. Work with Field Encryption Keys (WRKFLDKEY)

Choose this option to open the Work with Field Encryption Keys (WRKFLDKEY) panel, where authorized users can display the keys used for encrypting/decrypting a field entry in the Registry.

2. Change Field Encryption Key (CHGFLDKEY)

Choose this option to open the Change Field Encryption Key (CHGFLDKEY) panel, which allows authorized users to change (rotate) the keys used to encrypt and decrypt data for a field entry in the Encryption Registry.

3. Translate Field Encryption Keys - External Storage (TRNFLDKEY)

Choose this option to open the Translate Field Encryption Keys – External Storage (TRNFLDKEY) panel, which allows authorized users to translate (re-encrypt) any field values, which were encrypted under older Keys, up to the most current Key for the specified Field Identifier.

4. Translate Field Encryption Keys - Internal Storage (TRNFLDKEYI)

Choose this option to open the Translate Field Encryption Key – Internal Storage (TRNFLDKEYI) panel (internal), which allows authorized users to translate (re-encrypt) field values to a new key.

5. Translate Field Encryption Keys - Field Procedure (TRNFLDKEYF)

Choose this option to open the Translate Field Encryption Key – Field Procedure (TRNFLDKEYF) panel (fields), which allows authorized users to translate (re-encrypt) field values to a new key for the specified Field Identifier.

6. Translate File Encryption Keys - Field Procedure (TRNFILKEYF)

Choose this option to open the Translate File Encryption Key - Field Procedure (TRNFILKEYF) panel, which allows authorized users to translate (re-encrypt) field values in a file (when a Pending Key has been entered) to the new pending Keys previously entered.