The default encryption key (a binary value) to use with the ENCRYPT and DECRYPT functions. The default value is the Unknown value (?).
Data type: RAW
Access: Write-only
Applies to: SECURITY-POLICY system handle
You may specify this key as a MEMPTR, CHARACTER, or LONGCHAR value, but the AVM treats it as a RAW.
If the value of this attribute is the Unknown value (?), you must provide the encryption key as an argument to the ENCRYPT and DECRYPT functions.
The AVM compares the size of the specified encryption key to the key size specified by the cryptographic algorithm. If the key sizes are inconsistent, the AVM generates a run-time error.
The AVM obscures this attribute value to protect it against unauthorized access. You are responsible for generating, storing, and transporting this value.
You can generate an encryption key, based on the PKCS#5/RFC 2898 standard, by using either the GENERATE-PBE-KEY function or the GENERATE-RANDOM-KEY function.