Example in ILE RPG: Setting up keys

See Code disclaimer information for information pertaining to code examples.

Refer to Scenario: Key Management and File Encryption Using the Cryptographic Services APIs for a description of this scenario.

      * Sample RPG program: setup_cus
      *
      * COPYRIGHT 5722-SS1 (c) IBM Corp 2006
      *
      * This material contains programming source code for your
      * consideration.  These examples have not been thoroughly
      * tested under all conditions.  IBM, therefore, cannot
      * guarantee or imply reliability, serviceability, or function
      * of these programs.  All programs contained herein are
      * provided to you "AS IS".  THE IMPLIED WARRANTIES OF
      * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
      * EXPRESSLY DISCLAIMED.  IBM provides no program services for
      * these programs and files.
      *
      * Description: This is a sample program to demonstrate use
      * of the Cryptographic Services APIs.  APIs demonstrated in
      * this program are:
      *      Create Key Store
      *      Generate Key Record
      *      Create Key Context
      *      Create Algorithm Context
      *      Generate Symmetric Key
      *      Destroy Key Context
      *      Destroy Algorithm Context
      *
      * Function:
      *  Create CUSDTA file for storing customer information
      *  Create CUSPI file for storing info needed to process CUSDTA file.
      *  Create key store file, CUSKEYFILE.
      *  Create a KEK in CUSKEYFILE with label CUSDTAKEK.
      *  Generate a key encrypted under CUSDTAKEK and store in CUSPI.
      *
      * Refer to the iSeries (TM) Information Center for a full
      * description of this scenario.
      *
      * Use the following command to compile this program:
      * CRTRPGMOD MODULE(MY_LIB/SETUP_CUS) SRCFILE(MY_LIB/QRPGLESRC)
      *
     H bnddir('QC2LE')

     Fcuspi     uf a e             disk    usropn

      * System includes
     D/Copy QSYSINC/QRPGLESRC,QUSEC
     D/Copy QSYSINC/QRPGLESRC,QC3CCI

      * Prototypes
     DSetup_Cus        pr            10i 0 extproc('Setup_Cus')
     DCrtKeyStore      pr                  extproc('Qc3CreateKeyStore')
     D FileName                      20    const
     D KeyID                         10i 0 const
     D PublicAuth                    10    const
     D Description                   50    const
     D errCod                         1

     DGenKeyRcd        pr                  extproc('Qc3GenKeyRecord')
     D FileName                      20    const
     D RecordLabel                   32    const
     D KeyType                       10i 0 const
     D KeySize                       10i 0 const
     D KeyExp                        10i 0 const
     D DisFnc                        10i 0 const
     D csp                            1    const
     D cspDevNam                     10    const options(*omit)
     D errCod                         1

     DGenSymKey        pr                  extproc('Qc3GenSymmetricKey')
     D keyType                       10i 0 const
     D keySize                       10i 0 const
     D keyFormat                      1    const
     D keyForm                        1    const
     D KEKKey                         1    const
     D KEKAlg                         8    const
     D csp                            1    const
     D cspDevNam                     10    const options(*omit)
     D KeyString                      1
     D KeyStringLen                  10i 0 const
     D KeyLenRtn                     10i 0
     D errCod                         1

     DCrtAlgCtx        pr                  extproc('Qc3CreateAlgorithmContext')
     D algD                           1    const
     D algFormat                      8    const
     D AESctx                         8
     D errCod                         1

     DCrtKeyCtx        pr                  extproc('Qc3CreateKeyContext')
     D key                            1    const
     D keySize                       10i 0 const
     D keyFormat                      1    const
     D keyType                       10i 0 const
     D keyForm                        1    const
     D keyEncKey                      8    const options(*omit)
     D keyEncAlg                      8    const options(*omit)
     D keyTkn                         8
     D errCod                         1

     DDestroyKeyCtx    pr                  extproc('Qc3DestroyKeyContext')
     D keyTkn                         8    const
     D errCod                         1

     DDestroyAlgCtx    pr                  extproc('Qc3DestroyAlgorithmContext')
     D AESTkn                         8    const
     D errCod                         1

     DPrint            pr            10i 0 extproc('printf')
     D charString                     1    const options(*nopass)

     DSystem           pr            10i 0 extproc('system')
     D Cmd                             *   value options(*string)

     PSetup_Cus        b                   export
     DSetup_Cus        pi            10i 0


      * Local variables
     D csp             s              1    inz('0')
     D error           s             10i 0 inz(-1)
     D ok              s             10i 0 inz(0)
     D rtn             s             10i 0
     D rtnLen          s             10i 0
     D plainLen        s             10i 0
     D cipherLen       s             10i 0
     D kekTkn          s              8
     D AESctx          s              8
     D AESkctx         s              8
     D KEKctx          s              8
     D FKctx           s              8
     D keySize         s             10i 0
     D keyType         s             10i 0
     D keyLen          s             10i 0
     D keyFormat       s              1
     D keyForm         s              1
     D inCusInfo       s             80
     D inCusNum        s              8  0
     D ECUSDTA         s             80

     C                   eval      rtn = ok
      * Bytes provided = 0: API errors are signalled as exceptions
     C                   eval      QUSBPRV = 0
      * Create file CUSDTA; used for storing customer information
     C                   callp     system('CRTPF MY_LIB/CUSDTA AUT(*EXCLUDE)')
      * Create file CUSPI, used for processing file CUSDTA
     C                   callp     system('CRTPF MY_LIB/CUSPI AUT(*EXCLUDE)')
      * Create key store file, CUSKEYFILE, and generate a key record
      * with label CUSDTAKEK.  Keys in the key store are encrypted
      * under master key 3.
     C                   eval      QC3D040000 = *loval
     C                   eval      QC3KS00 = 'CUSKEYFILEMY_LIB'
     C                   callp     CrtKeyStore( QC3KS00    :3
     C                                         :'*EXCLUDE'
     C                                         :'Key store for CUSDTA,CUSPI'
     C                                         :QUSEC)
      * Generate AES key record CUSDTAKEK
      * (key type 22 = AES, key size 16 bytes)
     C                   eval      QC3RL = 'CUSDTAKEK'
     C                   callp     GenKeyRcd( QC3KS00     :QC3RL
     C                                       :22          :16
     C                                       :0           :0
     C                                       :'0'         :*OMIT
     C                                       :QUSEC)
      * Create a key context for CUSDTAKEK
      * (key format '4' = key store label, key form '0' = clear)
     C                   eval      keySize = %size(QC3D040000)
     C                   eval      keyType = 22
     C                   eval      keyForm = '0'
     C                   callp     CrtKeyCtx( QC3D040000 :keySize :'4'
     C                                       :keyType    :keyForm :*OMIT
     C                                       :*OMIT      :KEKctx  :QUSEC)
      * Create an AES algorithm context for CUSDTAKEK
      * (mode '1' = CBC, pad option '0' = no padding)
     C                   eval      QC3D0200 = *loval
     C                   eval      QC3BCA = keyType
     C                   eval      QC3BL = 16
     C                   eval      QC3MODE = '1'
     C                   eval      QC3PO = '0'
     C                   callp     CrtAlgCtx( QC3D0200 :'ALGD0200'
     C                                       :AESctx   :QUSEC)
     C
      * Generate a file key encrypted under CUSDTAKEK
      * (key form '1' = key is returned encrypted under the KEK)
     C                   callp     GenSymKey( keyType     :16
     C                                       :'0'         :'1'
     C                                       :KEKctx      :AESctx
     C                                       :'0'         :*OMIT
     C                                       :KEY         :16
     C                                       :keyLen      :QUSEC)
      * Write record with encrypted file key to CUSPI
     C                   eval      LASTCUS = 0
      * Open CUSPI
     C                   open(e)   cuspi
     C                   if        %error = '1'
     C                   callp     Print('Open of CUSPI file failed')
     C                   close     cuspi
     C                   return    error
     C                   endif
     C                   write(e)  cuspirec
     C                   if        %error = '1'
     C                   callp     Print('Error occurred writing -
     C                                   record to CUSPI file')
      * Report the failed write to the caller
     C                   eval      rtn = error
     C                   endif
      * Cleanup
     C                   eval      KEY = *loval
     C                   callp     DestroyKeyCtx( KEKctx  :QUSEC)
     C                   callp     DestroyAlgCtx( AESctx  :QUSEC)
     C                   close     cuspi
     C                   eval      *inlr = *on
     C                   return    rtn
     P                 e
