Create Device Desc (Crypto) (CRTDEVCRP)

Where allowed to run: All environments (*ALL)
Threadsafe: No
Parameters
Examples
Error messages

The Create Device Description (Crypto) (CRTDEVCRP) command creates a device description for a cryptographic device.

Top

Parameters

Keyword Description Choices Notes
DEVD Device description Name Required, Key, Positional 1
RSRCNAME Resource name Name, *NONE Required, Key, Positional 2
APPTYPE Application type *CCA, *CCAUDX, *NONE Optional
ONLINE Online at IPL *NO, *YES Optional
MSGQ Message queue Single values: *SYSVAL, *SYSOPR
Other values: Qualified object name
Optional
Qualifier 1: Message queue Name
Qualifier 2: Library Name, *LIBL, *CURLIB
PKAKEYFILE PKA key store file Single values: *NONE
Other values: Qualified object name
Optional
Qualifier 1: PKA key store file Name
Qualifier 2: Library Name, *LIBL, *CURLIB
DESKEYFILE DES key store file Single values: *NONE
Other values: Qualified object name
Optional
Qualifier 1: DES key store file Name
Qualifier 2: Library Name, *LIBL, *CURLIB
TEXT Text 'description' Character value, *BLANK Optional
AUT Authority Name, *CHANGE, *ALL, *USE, *EXCLUDE, *LIBCRTAUT Optional
Top

Device description (DEVD)

Specifies the name of the device description being created.

Top

Resource name (RSRCNAME)

Specifies the resource name that identifies the hardware that the description represents.

*NONE
No resource name is specified. A resource name must be provided before the device can be varied on.
resource-name
Specify the name that identifies the crypto device hardware on the system.

Note: Use the Work with Hardware Resources (WRKHDWRSC) command with TYPE(*CRP) specified to determine the resource name.

Top

Application type (APPTYPE)

Specifies the application that runs inside of the secure computing environment on the cryptographic device.

*CCA
The flash memory in the cryptographic device is initialized with the Common Cryptographic Architecture (CCA) application.

Note: This value is valid only for 4758 and 4764 device types.

*CCAUDX
The flash memory in the cryptographic device is initialized only if the system does not detect the CCA application or a CCA User Defined Extension (UDX) application within the flash memory of the device.

Note: This value is valid only for 4758 and 4764 device types.

*NONE
The cryptographic device does not support flash memory applications.

Note: This value is valid only for 2058 device type.

Top

Online at IPL (ONLINE)

Specifies whether this object is automatically varied on at initial program load (IPL).

*NO
This device is not varied on automatically at IPL.
*YES
This device is varied on automatically at IPL.
Top

Message queue (MSGQ)

Specifies the qualified name of the message queue to which messages are sent.

The possible qualified names are:

*SYSVAL
The messages are sent to the message queue specified by the system value.
*SYSOPR
Messages are sent to the QSYSOPR message queue in QSYS.
message-queue-name
Specify the name of the message queue to which operational messages are sent.
*LIBL
All libraries in the job's library list are searched until the first match is found.
*CURLIB
The current library for the job is searched. If no library is specified as the current library for the job, the QGPL library is used.
library-name
Specify the name of the library to be searched.
Top

PKA key store file (PKAKEYFILE)

Specifies the name of the database file containing the PKA (Public Key Algorithm) keys.

Single values

*NONE
No default PKA key database is used.

Other values

PKA-key-store-file-name
Specifies the name of the default PKA key database.

The possible library values are:

*LIBL
All libraries in the library list for the current thread are searched until the first match is found.
*CURLIB
The current library for the thread is searched. If no library is specified as the current library for the thread, the QGPL library is searched.
library-name
Specify the library where the object is located.
Top

DES key store file (DESKEYFILE)

Specifies the name of the database file containing the DES (Data Encryption Standard) keys used for this device.

Single values

*NONE
No default DES key database is used.

Other values

DES-key-store-file-name
Specifies the name of the default DES key database.

The possible library values are:

*LIBL
All libraries in the library list for the current thread are searched until the first match is found.
*CURLIB
The current library for the thread is searched. If no library is specified as the current library for the thread, the QGPL library is searched.
library-name
Specify the library where the object is located.
Top

Text 'description' (TEXT)

Specifies the text that briefly describes the object.

*BLANK
No text is specified.
character-value
Specify no more than 50 characters of text, enclosed in apostrophes.
Top

Authority (AUT)

Specifies the authority you are giving to users who do not have specific authority for the object, who are not on an authorization list, and whose group profile or supplemental group profiles do not have specific authority for the object.

*CHANGE
The user can perform all operations on the object except those limited to the owner or controlled by object existence (*OBJEXIST) and object management (*OBJMGT) authorities. The user can change and perform basic functions on the object. *CHANGE authority provides object operational (*OBJOPR) authority and all data authority. If the object is an authorization list, the user cannot add, change, or remove users.
*ALL
The user can perform all operations except those limited to the owner or controlled by authorization list management (*AUTLMGT) authority. The user can control the object's existence, specify the security for the object, change the object, and perform basic functions on the object. The user also can change ownership of the object.
*USE
The user can perform basic operations on the object, such as running a program or reading a file. The user cannot change the object. Use (*USE) authority provides object operational (*OBJOPR), read (*READ), and execute (*EXECUTE) authorities.
*EXCLUDE
The user cannot access the object.
*LIBCRTAUT
The system determines the authority for the object by using the value specified for the Create authority (CRTAUT) parameter on the Create Library (CRTLIB) command for the library containing the object to be created. If the value specified for the CRTAUT parameter is changed, the new value will not affect any existing objects.
name
Specify the name of an authorization list to be used for authority to the object. Users included in the authorization list are granted authority to the object as specified in the list. The authorization list must exist when the object is created.
Top

Examples

CRTDEVCRP   DEVD(CRP01)  RSRCNAME(CRP01)

This command creates a device description for a cryptographic device that is named CRP01. The device type is determined from the resource name.

Top

Error messages

*ESCAPE Messages

CPF261A
Device description &1 not created due to errors.
Top