276 lines
14 KiB
HTML
276 lines
14 KiB
HTML
|
<?xml version="1.0" encoding="UTF-8"?>
|
||
|
<!DOCTYPE html
|
||
|
PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
|
||
|
<html lang="en-us" xml:lang="en-us">
|
||
|
<head>
|
||
|
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
|
||
|
<meta name="security" content="public" />
|
||
|
<meta name="Robots" content="index,follow" />
|
||
|
<meta http-equiv="PICS-Label" content='(PICS-1.1 "http://www.icra.org/ratingsv02.html" l gen true r (cz 1 lz 1 nz 1 oz 1 vz 1) "http://www.rsac.org/ratingsv01.html" l gen true r (n 0 s 0 v 0 l 0) "http://www.classify.org/safesurf/" l gen true r (SS~~000 1))' />
|
||
|
<meta name="DC.Type" content="reference" />
|
||
|
<meta name="DC.Title" content="Example: ILE RPG program for enabling all access control points in the default role for your Coprocessor" />
|
||
|
<meta name="abstract" content="Change this program example to suit your needs for enabling all access control points in the default role for your Coprocessor." />
|
||
|
<meta name="description" content="Change this program example to suit your needs for enabling all access control points in the default role for your Coprocessor." />
|
||
|
<meta name="DC.Relation" scheme="URI" content="rzajcsetup.htm" />
|
||
|
<meta name="DC.Relation" scheme="URI" content="rzajcrolesprofiles.htm#definingroles" />
|
||
|
<meta name="copyright" content="(C) Copyright IBM Corporation 2006" />
|
||
|
<meta name="DC.Rights.Owner" content="(C) Copyright IBM Corporation 2006" />
|
||
|
<meta name="DC.Format" content="XHTML" />
|
||
|
<meta name="DC.Identifier" content="setdefaultrpg" />
|
||
|
<meta name="DC.Language" content="en-us" />
|
||
|
<!-- All rights reserved. Licensed Materials Property of IBM -->
|
||
|
<!-- US Government Users Restricted Rights -->
|
||
|
<!-- Use, duplication or disclosure restricted by -->
|
||
|
<!-- GSA ADP Schedule Contract with IBM Corp. -->
|
||
|
<link rel="stylesheet" type="text/css" href="./ibmdita.css" />
|
||
|
<link rel="stylesheet" type="text/css" href="./ic.css" />
|
||
|
<title>Example: ILE RPG program for enabling all access control points in
|
||
|
the default role for your Coprocessor</title>
|
||
|
</head>
|
||
|
<body id="setdefaultrpg"><a name="setdefaultrpg"><!-- --></a>
|
||
|
<!-- Java sync-link --><script language="Javascript" src="../rzahg/synch.js" type="text/javascript"></script>
|
||
|
<h1 class="topictitle1">Example: ILE RPG program for enabling all access control points in
|
||
|
the default role for your Coprocessor</h1>
|
||
|
<div><p>Change this program example to suit your needs for enabling all
|
||
|
access control points in the default role for your Coprocessor. </p>
|
||
|
<div class="section"><div class="note"><span class="notetitle">Note:</span> Read the <a href="codedisclaimer.htm#codedisclaimer">Code license and disclaimer information</a> for
|
||
|
important legal information.<p>If you choose to use this program example,
|
||
|
change it to suit your specific needs. For security reasons, IBM<sup>®</sup> recommends
|
||
|
that you individualize these program examples rather than using the default
|
||
|
values provided.</p>
|
||
|
</div>
|
||
|
</div>
|
||
|
<div class="example"> <pre> D*************************************************************
|
||
|
D* SETDEFAULT
|
||
|
D*
|
||
|
D* Sample program to authorize the default role to all access
|
||
|
D* control points in the cardX.
|
||
|
D*
|
||
|
D*
|
||
|
D* COPYRIGHT 5769-SS1 (C) IBM CORP. 2000, 2000
|
||
|
D*
|
||
|
D* This material contains programming source code for your
|
||
|
D* consideration. These example has not been thoroughly
|
||
|
D* tested under all conditions. IBM, therefore, cannot
|
||
|
D* guarantee or imply reliability, serviceability, or function
|
||
|
D* of these programs. All programs contained herein are
|
||
|
D* provided to you "AS IS". THE IMPLIED WARRANTIES OF
|
||
|
D* MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
|
||
|
D* ARE EXPRESSLY DISCLAIMED. IBM provides no program services for
|
||
|
D* these programs and files.
|
||
|
D*
|
||
|
D*
|
||
|
D* Note: Input format is more fully described in Chapter 2 of
|
||
|
D* IBM CCA Basic Services Reference and Guide
|
||
|
D* (SC31-8609) publication.
|
||
|
D*
|
||
|
D* Parameters: None
|
||
|
D*
|
||
|
D* Example:
|
||
|
D* CALL PGM(SETDEFAULT)
|
||
|
D*
|
||
|
D* Use these commands to compile this program on the system:
|
||
|
D* CRTRPGMOD MODULE(SETDEFAULT) SRCFILE(SAMPLE)
|
||
|
D* CRTPGM PGM(SETEID) MODULE(SETDEFAULT)
|
||
|
D* BNDSRVPGM(QCCA/CSUAACI)
|
||
|
D*
|
||
|
D* Note: Authority to the CSUAACI service program in the
|
||
|
D* QCCA library is assumed.
|
||
|
D*
|
||
|
D* The Common Cryptographic Architecture (CCA) verbs used are
|
||
|
D* Access_Control_Initialize (CSUAACI)
|
||
|
D*
|
||
|
D**************************************************************
|
||
|
D*--------------------------------------------------------
|
||
|
D* Declare variables used by CCA SAPI calls
|
||
|
D*--------------------------------------------------------
|
||
|
D* ** Return code
|
||
|
DRETURNCODE S 9B 0
|
||
|
D* ** Reason code
|
||
|
DREASONCODE S 9B 0
|
||
|
D* ** Exit data length
|
||
|
DEXITDATALEN S 9B 0
|
||
|
D* ** Exit data
|
||
|
DEXITDATA S 4
|
||
|
D* ** Rule array count
|
||
|
DRULEARRAYCNT S 9B 0
|
||
|
D* ** Rule array
|
||
|
DRULEARRAY S 16
|
||
|
D* ** Verb data 1 length
|
||
|
DVERBDATALEN1 S 9B 0 INZ(0)
|
||
|
D* ** Verb data 1
|
||
|
DVERBDATA1 S 4
|
||
|
D* ** Verb data 2 length
|
||
|
DVERBDATALEN2 S 9B 0 INZ(117)
|
||
|
D*-------------------------------------------------------------
|
||
|
D* Verbdata 2 contains the aggregate role structure which
|
||
|
D* in turn contains 1 role - the default role
|
||
|
D*-------------------------------------------------------------
|
||
|
DVERBDATA2 DS 200
|
||
|
D* ** Define 1 Role
|
||
|
DNUMROLES 9B 0 INZ(1)
|
||
|
D* ** Reserved field
|
||
|
DRESR1 9B 0 INZ(0)
|
||
|
D* ** Version 1 struct
|
||
|
DVERS 2 INZ(X'0100')
|
||
|
D* ** Length of role
|
||
|
DROLELEN 2 INZ(X'006D')
|
||
|
D* ** Description of role
|
||
|
DCOMMENT 20 INZ(' ')
|
||
|
D* ** Checksum is not used
|
||
|
DCHECKSUM 2 INZ(X'0000')
|
||
|
D* ** Reserved field
|
||
|
DRESR2 2 INZ(X'0000')
|
||
|
D* ** Role Name is DEFAULT expressed in ASCII
|
||
|
DROLE 8 INZ(X'44454641554C5420')
|
||
|
D* ** Authentication strength is set to 0
|
||
|
DAUTHSTRN 2 INZ(X'0000')
|
||
|
D* ** Lower time is 00:00
|
||
|
DLWRTIMHR 1 INZ(X'00')
|
||
|
DLWRTIMMN 1 INZ(X'00')
|
||
|
D* ** Upper time is 23:59
|
||
|
DUPRTIMHR 1 INZ(X'17')
|
||
|
DUPRTIMMN 1 INZ(X'3B')
|
||
|
D* ** Valid days of week
|
||
|
DVALIDDOW 1 INZ(X'FE')
|
||
|
D* ** Reserved field
|
||
|
DRESR3 1 INZ(X'00')
|
||
|
D* ** 2 Access control points segements are defined
|
||
|
DNUMSEG 2 INZ(X'0002')
|
||
|
D* ** Reserved field
|
||
|
DRESR4 2 INZ(X'0000')
|
||
|
D* ** Starting bit of segment 1 is 0.
|
||
|
DSTART1 2 INZ(X'0000')
|
||
|
D* ** Ending bit of segment 1 is 295 (Hex 127).
|
||
|
DEND1 2 INZ(X'0127')
|
||
|
D* ** 37 Bytes in segment 1
|
||
|
DNUMBYTES1 2 INZ(X'0025')
|
||
|
D* ** Reserved field
|
||
|
DRESR5 2 INZ(X'00')
|
||
|
D* ** Segment 1 access control points
|
||
|
DBITMAP1A 8 INZ(X'0003F0FD80003000')
|
||
|
DBITMAP1B 8 INZ(X'80001900C0000000')
|
||
|
DBITMAP1C 8 INZ(X'000A8000882F7110')
|
||
|
DBITMAP1D 8 INZ(X'1804033180000000')
|
||
|
DBITMAP1E 5 INZ(X'FF7FFFFF80')
|
||
|
D* ** Starting bit of segment 2 is 512 (Hex 200).
|
||
|
DSTART2 2 INZ(X'0200')
|
||
|
D* ** Ending bit of segment 2 is 575 (Hex 23F)
|
||
|
DEND2 2 INZ(X'023F')
|
||
|
D* ** 8 Bytes in segment 2
|
||
|
DNUMBYTES2 2 INZ(X'0008')
|
||
|
D* ** Reserved field
|
||
|
DRESR6 2 INZ(X'0000')
|
||
|
D* ** Segment 2 access control points
|
||
|
DBITMAP2 8 INZ(X'F8007FFF7FFFE60F')
|
||
|
D*
|
||
|
D**********************************************************
|
||
|
D* Prototype for Access_Control_Initialize (CSUAACI)
|
||
|
D**********************************************************
|
||
|
DCSUAACI PR
|
||
|
DRETCODE 9B 0
|
||
|
DRSNCODE 9B 0
|
||
|
DEXTDTALEN 9B 0
|
||
|
DEXTDTA 4
|
||
|
DRARRAYCT 9B 0
|
||
|
DRARRAY 16
|
||
|
DVRBDTALEN1 9B 0
|
||
|
DVRBDTA1 4
|
||
|
DVRBDTALEN2 9B 0
|
||
|
DVRBDTA2 200
|
||
|
D*
|
||
|
D*-------------------------------------------------------------
|
||
|
D* ** Declares for sending messages to the
|
||
|
D* ** job log using the QMHSNDPM API
|
||
|
D*-------------------------------------------------------------
|
||
|
DMSG S 64 DIM(2) CTDATA PERRCD(1)
|
||
|
DMSGLENGTH S 9B 0 INZ(64)
|
||
|
D DS
|
||
|
DMSGTEXT 1 64
|
||
|
DFAILRETC 41 44
|
||
|
DFAILRSNC 46 49
|
||
|
DMESSAGEID S 7 INZ(' ')
|
||
|
DMESSAGEFILE S 21 INZ(' ')
|
||
|
DMSGKEY S 4 INZ(' ')
|
||
|
DMSGTYPE S 10 INZ('*INFO ')
|
||
|
DSTACKENTRY S 10 INZ('* ')
|
||
|
DSTACKCOUNTER S 9B 0 INZ(2)
|
||
|
DERRCODE DS
|
||
|
DBYTESIN 1 4B 0 INZ(0)
|
||
|
DBYTESOUT 5 8B 0 INZ(0)
|
||
|
C*
|
||
|
C**************************************************************
|
||
|
C* START OF PROGRAM *
|
||
|
C* *
|
||
|
C*------------------------------------------------------------*
|
||
|
C* Set the keywords in the rule array *
|
||
|
C*------------------------------------------------------------*
|
||
|
C MOVEL 'INIT-AC ' RULEARRAY
|
||
|
C MOVE 'REPLACE ' RULEARRAY
|
||
|
C Z-ADD 2 RULEARRAYCNT
|
||
|
C**************************************************************
|
||
|
C* Call Access_Control_Initialize SAPI
|
||
|
C**************************************************************
|
||
|
C CALLP CSUAACI (RETURNCODE:
|
||
|
C REASONCODE:
|
||
|
C EXITDATALEN:
|
||
|
C EXITDATA:
|
||
|
C RULEARRAYCNT:
|
||
|
C RULEARRAY:
|
||
|
C VERBDATALEN1:
|
||
|
C VERBDATA1:
|
||
|
C VERBDATALEN2:
|
||
|
C VERBDATA2)
|
||
|
C*-----------------------*
|
||
|
C* Check the return code *
|
||
|
C*-----------------------*
|
||
|
C RETURNCODE IFGT 4
|
||
|
C* *------------------------*
|
||
|
C* * Send failure message *
|
||
|
C* *------------------------*
|
||
|
C MOVEL MSG(1) MSGTEXT
|
||
|
C MOVE RETURNCODE FAILRETC
|
||
|
C MOVE REASONCODE FAILRSNC
|
||
|
C EXSR SNDMSG
|
||
|
C*
|
||
|
C ELSE
|
||
|
C* *----------------------*
|
||
|
C* * Send success message *
|
||
|
C* *----------------------*
|
||
|
C MOVE MSG(2) MSGTEXT
|
||
|
C EXSR SNDMSG
|
||
|
C*
|
||
|
C ENDIF
|
||
|
C*
|
||
|
C SETON LR
|
||
|
C*
|
||
|
C**************************************************************
|
||
|
C* Subroutine to send a message
|
||
|
C**************************************************************
|
||
|
C SNDMSG BEGSR
|
||
|
C CALL 'QMHSNDPM'
|
||
|
C PARM MESSAGEID
|
||
|
C PARM MESSAGEFILE
|
||
|
C PARM MSGTEXT
|
||
|
C PARM MSGLENGTH
|
||
|
C PARM MSGTYPE
|
||
|
C PARM STACKENTRY
|
||
|
C PARM STACKCOUNTER
|
||
|
C PARM MSGKEY
|
||
|
C PARM ERRCODE
|
||
|
C ENDSR
|
||
|
**
|
||
|
CSUAACI failed with return/reason codes 9999/9999.
|
||
|
The Default role was successfully set.</pre>
|
||
|
</div>
|
||
|
</div>
|
||
|
<div>
|
||
|
<div class="familylinks">
|
||
|
<div class="parentlink"><strong>Parent topic:</strong> <a href="rzajcsetup.htm" title="Configuring your Cryptographic Coprocessor allows you to begin to use all of its cryptographic operations.">Configure the Cryptographic Coprocessor</a></div>
|
||
|
</div>
|
||
|
<div class="relconcepts"><strong>Related concepts</strong><br />
|
||
|
<div><a href="rzajcrolesprofiles.htm#definingroles">Defining roles</a></div>
|
||
|
</div>
|
||
|
</div>
|
||
|
</body>
|
||
|
</html>
|