| 1 | Results path name | Input | Char(*) |
| 2 | Length of results path name | Input | Binary(4) |
| 3 | Format of results path name | Input | Char(8) |
| 4 | Format of content of results file | Input | Char (8) |
| 5 | Error code | I/O | Char(*) |
The Check System (OPM, QYDOCHKS; ILE, QydoCheckSystem) API checks to see if any key operating system object has changed since it was signed. If any of these objects is unsigned, it is reported as an error. Only signatures from a system trusted source are valid.
Note: This API can take several hours to complete.
See open() API for the authority needed to the results path name. The file is open for append and is created if it does not already exist.
The path name of the object you want to contain the results on this call. This object may not be in a library (that is, may not be under the /QSYS.LIB directory). The name may be relative to the current directory or may specify the entire path name. For example, to store results in a file called SIGNED.LST in the MYDIR directory, the results path name would be '/MYDIR/SIGNED.LST'. If you are using format OBJN0100, this parameter is assumed to be represented in the coded character set identifier (CCSID) currently in effect for the job. If the CCSID of the job is 65535, this parameter is assumed to be represented in the default CCSID of the job.
If this is an existing file, results will be appended to the end of the file. Otherwise, a new file will be created.
The default is not to have a results file.
The length of the results path name. A 0 (zero) length means no results files are used, and the results path name and format of results path name parameter values are not used. If the format of the results path name is OBJN0200, this field must include the QLG path name structure in addition to the path name itself. If the format of the results path name is OBJN0100, only the path name itself is included.
Format of the results path name
| OBJN0100 | The results path name is a simple path name. |
| OBJN0200 | The results path name is an LG-type path name. |
The format of the contents of the file containing the results of this call.
| RSLT0100 | The basic information is returned for each object specified by the object path name parameter. |
The structure in which to return error information. For the format of the structure, see Error Code Parameter.
The following table describes the order and format of the data returned in the RSLT0100 format. This data is repeated for each object that was attempted to be verified. For detailed descriptions of the fields in the tables, see Field Descriptions.
Note:All data in this file will be in CCSID 1200. New files will be created in this CCSID. If an existing file is named that has a different CCSID, an error will be reported.
| Offset | Type | Field | |
|---|---|---|---|
| Dec | Hex | ||
| 0 | 0 | CHAR(7) | Message identifier |
| 7 | 7 | CHAR(9) | Reserved |
| 16 | 10 | CHAR(8) | Date |
| 24 | 18 | CHAR(8) | Reserved |
| 32 | 20 | CHAR(1) | Operation type |
| 33 | 21 | CHAR(15) | Operation type description |
| 48 | 30 | CHAR(8) | Reserved |
| 56 | 38 | CHAR(*) | Fully qualified object name |
Date. The date the operation took place. The format will be YYYYMMDD. For example, June 30, 2002 will be 20020630.
Fully qualified object name. The simple path name from the root to the object whose signature is being verified. The field will be terminated with a new line character.
Message identifier. The error message used to report failure. This field is blank if no error was detected for this object.
Operation type. The operation that was attempted.
| 0 | Signing operation |
| 1 | Verifying operation |
| 2 | Checking operation |
Operation type description. Short word description of the operation that was attempted.
Reserved. This field currently is not used. It is filled with blanks.
The following messages can be sent to the joblog and added to records in the Results Path Name.
| Message ID | Message Text |
|---|---|
| CPFB722 D | Object not signed. |
| CPFB723 D | Object signed, but signature is not valid. |
| CPFB72A D | The object had no trusted signatures on the object. |
| CPFB72B D | Object not found. |
| CPFB72C D | The object cannot currently be signed or verified. |
| Message ID | Error Message Text |
|---|---|
| CPF222E E | &1 special authority is required. |
| CPF9872 E | Program or service program &1 in library &2 ended. Reason code &3. |
| CPF9EA6 E | QVFYOBJRST system value does not verify object signatures during restore at its current setting. |
| CPFA08D E | Request information value is not valid. |
| CPFA0A4 E | Too many open files for process. |
| CPFA0AA E | Error occurred while attempting to obtain space. |
| CPFA0D4 E | File system error occurred. |
| CPFB735 E | The digital signature API parameter &1 is not large enough. |
| CPFB736 E | The digital signature API parameter &1 is not small enough. |
| CPFB737 E | The digital signature API parameter &1 is a null pointer. |
| CPFB738 E | The digital signature API parameter &1 is not a valid format type. |
| CPFB739 E | The digital signature API parameter &1 is out of range. |
| CPFB740 E | The format name for the pathname is not valid. |
| CPFB741 E | The length of the path name parameter is not valid. |
| CPFB744 E | The format of the results file for the digital signing API is an incorrect value. |
| CPFB745 E | The format name for the results file path name is not valid. |
| CPFB746 E | The results file path name length is not large enough. |
| CPFB749 E | Object signature operation ended abnormally. &1 objects attempted, &2 objects successfully processed. |
| CPFB74D E | Results file could not be used. |
| Top | Security APIs | APIs by category |