Change this program example to suit your needs for setting the min and max values for master key shares in your Cryptographic Coprocessor.
/*-------------------------------------------------------------------*/
/* Set the M-of-N values in the Coprocessor. These values are */
/* used in cloning of the master key. The master key is */
/* cryptographically split into N number of parts and M number of */
/* parts are needed to recover it. */
/* */
/* COPYRIGHT 5769-SS1 (C) IBM CORP. 1999, 2000 */
/* */
/* This material contains programming source code for your */
/* consideration. These examples have not been thoroughly */
/* tested under all conditions. IBM, therefore, cannot */
/* guarantee or imply reliability, serviceability, or function */
/* of these program. All programs contained herein are */
/* provided to you "AS IS". THE IMPLIED WARRANTIES OF */
/* MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE */
/* ARE EXPRESSLY DISCLAIMED. IBM provides no program services for */
/* these programs and files. */
/* */
/* */
/* Note: Input format is more fully described in Chapter 2 of */
/* IBM CCA Basic Services Reference and Guide */
/* (SC31-8609) publication. */
/* */
/* Parameters: */
/* none. */
/* */
/* Example: */
/* CALL PGM(SETMOFN) PARM(5 15) */
/* */
/* */
/* Note: This program assumes the device to use */
/* already identified either by defaulting to the CRP01 */
/* device or by being explicitly named using the */
/* Cryptographic_Resource_Allocate verb. Also this */
/* device must be varied on and you must be authorized */
/* to use this device description. */
/* */
/* Use these commands to compile this program on the system: */
/* ADDLIBLE LIB(QCCA) */
/* CRTCMOD MODULE(SETMOFN) SRCFILE(SAMPLE) */
/* CRTPGM PGM(SETMOFN) MODULE(SETMOFN) */
/* BNDSRVPGM(QCCA/CSUACFC) */
/* */
/* Note: Authority to the CSUACFC service program in the */
/* QCCA library is assumed. */
/* */
/* The Common Cryptographic Architecture (CCA) verb used is */
/* Cryptographic_Facilites_Control (CSUACFC). */
/* */
/*-------------------------------------------------------------------*/
#include "csucincl.h" /* header file for CCA Cryptographic */
/* Service Provider */
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include "decimal.h"
/*-------------------------------------------------------------------*/
/* standard return codes */
/*-------------------------------------------------------------------*/
#define ERROR -1
#define OK 0
#define WARNING 4
int main(int argc, char *argv[])
{
/*-------------------------------------------------------------------*/
/* standard CCA parameters */
/*-------------------------------------------------------------------*/
long return_code = 0;
long reason_code = 0;
long exit_data_length = 2;
char exit_data[4];
char rule_array[2][8];
long rule_array_count = 2;
/*-------------------------------------------------------------------*/
/* fields unique to this sample program */
/*-------------------------------------------------------------------*/
decimal(15,5) mparm, nparm;
long verb_data[2];
long verb_data_length = 8;
/*-------------------------------------------------------------------*/
/* Process parameters. Numeric parms from the command line are */
/* passed in decimal 15,5 format. The parms need to be converted */
/* to int format. */
/*-------------------------------------------------------------------*/
memcpy(&mparm,argv[1],sizeof(mparm));
memcpy(&nparm,argv[2],sizeof(nparm));
verb_data[0] = mparm;
verb_data[1] = nparm;
/*-------------------------------------------------------------------*/
/* Set keywords in the rule array */
/*-------------------------------------------------------------------*/
memcpy(rule_array,"ADAPTER1SET-MOFN", 16);
/*-------------------------------------------------------------------*/
/* Invoke the verb to set the M of N values */
/*-------------------------------------------------------------------*/
CSUACFC( &return_code,
&reason_code,
&exit_data_length,
exit_data,
&rule_array_count,
(char *)rule_array,
&verb_data_length,
(unsigned char *)verb_data);
/*-------------------------------------------------------------------*/
/* Check the results of the call */
/*-------------------------------------------------------------------*/
if ( (return_code == OK) | (return_code == WARNING) )
{
printf("M of N values were successfully set with ");
printf("return/reason codes %ld/%ld\n\n",
return_code, reason_code);
return(OK);
}
else
{
printf("An error occurred while setting the M of N values.\n");
printf("Return/reason codes %ld/%ld\n\n",
return_code, reason_code);
return(ERROR);
}
}