What is the difference between the below mentioned parameters displayed in the TSS MODIFY STATUS output?
AES_ENCRYPTION(Active,256)
...
AESENC(128)
Release : 16.0
AES_ENCRYPTION(Active,256) in the TSS9661I CA Top Secret FEATURES Status section means the security file was allocated with AES256ENCRYPT in the SECPARMS.
AESENC(128) is a control option in the Top Secret parameter file that is currently set. The AESENC control option is used to determine which AES encryption algorithm (128-bit or 256-bit) to use for encrypting user passwords and password phrases.