Example: Creating a DES key with your Cryptographic Coprocessor

Change this program example to suit your needs for creating a DES key with your Cryptographic Coprocessor.

Note: Read the Code license and disclaimer information for important legal information.

If you choose to use this program example, change it to suit your specific needs. For security reasons, IBM® recommends that you individualize these program examples rather than using the default values provided.

/*---------------------------------------------------------------*/
/* Generate DES keys in key store.                               */
/*                                                               */
/*  COPYRIGHT      5769-SS1 (c) IBM Corp 1999              */
/*                                                               */
/*  This material contains programming source code for your      */
/*  consideration.  These examples have not been thoroughly      */
/*  tested under all conditions.  IBM, therefore, cannot         */
/*  guarantee or imply reliability, serviceability, or function  */
/*  of these programs.  All programs contained herein are        */
/*  provided to you "AS IS". THE IMPLIED WARRANTIES OF           */
/*  MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE     */
/*  EXPRESSLY DISCLAIMED. IBM provides no program services for   */
/*  these programs and files.                                    */
/*                                                               */
/* Parameters:                                                   */
/*  char * key label,  1 to 64 characters                        */
/*  char * key store name, 1 to 21 characters in form 'lib/file' */
/*          (optional, see second note below)                    */
/*                                                               */
/* Examples:                                                     */
/*   CALL PGM(KEYGEN) PARM('TEST.LABEL.1')                       */
/*                                                               */
/*   CALL PGM(KEYGEN) PARM('MY.OWN.LABEL' 'QGPL/MYKEYSTORE')     */
/*                                                               */
/* Note: This program assumes the device you want to use is      */
/*       already identified either by defaulting to the CRP01    */
/*       device or has been explicitly named using the           */
/*       Cryptographic_Resource_Allocate verb. Also this         */
/*       device must be varied on and you must be authorized     */
/*       to use this device description.                         */
/*                                                               */
/*       If the key store name parameter is not provided, this   */
/*       program assumes the key store file you will use is      */
/*       already identified either by being specified on the     */
/*       cryptographic device or has been previously named       */
/*       using the Key_Store_Designate verb. Also you must be    */
/*       authorized to add and update records in this file.      */
/*                                                               */
/* Use the following commands to compile this program:           */
/* ADDLIBLE LIB(QCCA)                                            */
/* CRTCMOD MODULE(KEYGEN) SRCFILE(SAMPLE)                        */
/* CRTPGM  PGM(KEYGEN) MODULE(KEYGEN) +                          */
/*         BNDSRVPGM(QCCA/CSUAKSD QCCA/CSNBKRC QCCA/CSNBKGN)     */
/*                                                               */
/* Note: authority to the CSUAKSD, CSNBKRC and CSNBKGN service   */
/*       programs in the QCCA library is assumed.                */
/*                                                               */
/* Common Cryptographic Architecture (CCA) verbs used:           */
/*   Key_Store_Designate (CSUAKSD)                               */
/*   DES_Key_Record_Create (CSNBKRC)                             */
/*   Key_Generate (CSNBKGN)                                      */
/*                                                               */
/*---------------------------------------------------------------*/

#include <stdlib.h>
#include <stdio.h>
#include <string.h>
#include "csucincl.h"            /* header file for CCA Cryptographic
                                    Service Provider                 */

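/*
 * Entry point: optionally designate a key store file, create a key
 * record under the supplied label, then generate a single-length DES
 * DATA key into that record.
 *
 *   argv[1]  key label, 1 to 64 characters (required)
 *   argv[2]  key store file name, 1 to 21 characters (optional)
 *
 * Returns OK (0) when every CCA verb succeeds, ERROR (-1) on a bad
 * argument or on the first verb that reports a non-zero return code.
 */
int main(int argc, char *argv[])
{

/*-------------------------------------------------------------------*/
/* standard return codes                                             */
/*-------------------------------------------------------------------*/

#define ERROR -1
#define OK     0

/*-------------------------------------------------------------------*/
/* standard CCA parameters                                           */
/*-------------------------------------------------------------------*/

  long return_code = 0;
  long reason_code = 0;
  /* The verbs receive this field by address, so it must not be left  */
  /* indeterminate.  No exit data is passed, hence 0 -- confirm       */
  /* against the CCA documentation for your release.                  */
  long exit_data_length = 0;
  char exit_data[2] = {0};
  long rule_array_count;

/*-------------------------------------------------------------------*/
/* fields unique to this sample program                              */
/*-------------------------------------------------------------------*/

  long file_name_length;
  size_t label_length;
  char key_label[64];             /* blank padded, NOT NUL terminated */

/*-------------------------------------------------------------------*/
/* Validate the key label before anything touches the key store.     */
/* The label comes from the caller and is copied into a fixed        */
/* 64-byte buffer, so both a missing argument and an over-long one   */
/* have to be rejected here.                                         */
/*-------------------------------------------------------------------*/

  if (argc < 2)
  {
    printf("Key label parameter is required\n");
    return ERROR;
  }

  label_length = strlen(argv[1]);

  if ((label_length == 0) || (label_length > sizeof key_label))
  {
    printf("Key label is wrong length\n");
    return ERROR;
  }

/*-------------------------------------------------------------------*/
/* See if the user wants to specify which key store file to use      */
/*-------------------------------------------------------------------*/

  if (argc > 2)
  {
    size_t name_length = strlen(argv[2]);

    if ((name_length > 0) && (name_length < 22))
    {
      file_name_length = (long)name_length;
      rule_array_count = 1;

      CSUAKSD(&return_code,
              &reason_code,
              &exit_data_length,
              exit_data,
              &rule_array_count,
              "DES     ",     /* rule_array, we are working with
                                 DES keys in this sample program  */
              &file_name_length,
              argv[2]);       /* key store file name             */

      if (return_code != 0)
      {
        /* return_code and reason_code are long, so %ld is required */
        printf("Key store designate failed for reason %ld/%ld\n\n",
               return_code, reason_code);
        return ERROR;
      }

      printf("Key store designated\n");
      printf("SAPI returned %ld/%ld\n", return_code, reason_code);
    }
    else
    {
      printf("Key store file name is wrong length");
      return ERROR;
    }
  }
  /* otherwise let the key store file name default */

/*-------------------------------------------------------------------*/
/* Create a record in key store                                      */
/*-------------------------------------------------------------------*/

  /* Labels are fixed width: fill with blanks, then overlay the      */
  /* caller's text.  label_length was bounded above, so the copy     */
  /* cannot run past the end of key_label.                           */
  memset(key_label, ' ', sizeof key_label);
  memcpy(key_label, argv[1], label_length);

  CSNBKRC(&return_code,
          &reason_code,
          &exit_data_length,
          exit_data,
          key_label);

  if (return_code != 0)
  {
    printf("Record could not be added to key store for reason %ld/%ld\n\n",
           return_code, reason_code);
    return ERROR;
  }

  printf("Record added to key store\n");
  printf("SAPI returned %ld/%ld\n", return_code, reason_code);

/*-------------------------------------------------------------------*/
/* Generate a key                                                    */
/*                                                                   */
/* NOTE(review): a single-length DES key has 56 effective key bits,  */
/* which is no longer considered adequate for protecting new data.   */
/* Treat this request as an illustration and select a stronger key   */
/* type or length where your coprocessor and application allow it.   */
/*-------------------------------------------------------------------*/

  CSNBKGN(&return_code,
          &reason_code,
          &exit_data_length,
          exit_data,
          "OP  ",                /* operational key is requested    */
          "SINGLE  ",            /* single length key requested     */
          "DATA    ",            /* Data encrypting key requested   */
          "        ",            /* second value must be blanks when
                                    key form requests only one key  */
          "\0",                  /* key encrypting key is null for
                                    operational keys                */
          "\0",                  /* key encrypting key is null since
                                    only one key is being requested */
          key_label,             /* store generated key in key store*/
          "\0");                 /* no second key is requested      */

  if (return_code != 0)
  {
    printf("Key generation failed for reason %ld/%ld\n\n",
           return_code, reason_code);
    return ERROR;
  }

  printf("Key generated and stored in key store\n");
  printf("SAPI returned %ld/%ld\n\n", return_code, reason_code);
  return OK;
}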