73 lines
4.7 KiB
HTML
73 lines
4.7 KiB
HTML
<?xml version="1.0" encoding="UTF-8"?>
|
|
<!DOCTYPE html
|
|
PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
|
|
<html lang="en-us" xml:lang="en-us">
|
|
<head>
|
|
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
|
|
<meta name="security" content="public" />
|
|
<meta name="Robots" content="index,follow" />
|
|
<meta http-equiv="PICS-Label" content='(PICS-1.1 "http://www.icra.org/ratingsv02.html" l gen true r (cz 1 lz 1 nz 1 oz 1 vz 1) "http://www.rsac.org/ratingsv01.html" l gen true r (n 0 s 0 v 0 l 0) "http://www.classify.org/safesurf/" l gen true r (SS~~000 1))' />
|
|
<meta name="DC.Type" content="concept" />
|
|
<meta name="DC.Title" content="Code checker integrity verification function" />
|
|
<meta name="abstract" content="Learn how you can verify the integrity of the code checker function that you use to verify the integrity of your system." />
|
|
<meta name="description" content="Learn how you can verify the integrity of the code checker function that you use to verify the integrity of your system." />
|
|
<meta name="DC.Relation" scheme="URI" content="rzalzobjconcepts.htm" />
|
|
<meta name="DC.Relation" scheme="URI" content="rzalzcheckthechecker.htm" />
|
|
<meta name="copyright" content="(C) Copyright IBM Corporation 2004, 2006" />
|
|
<meta name="DC.Rights.Owner" content="(C) Copyright IBM Corporation 2004, 2006" />
|
|
<meta name="DC.Format" content="XHTML" />
|
|
<meta name="DC.Identifier" content="integrity_verification" />
|
|
<meta name="DC.Language" content="en-us" />
|
|
<!-- All rights reserved. Licensed Materials Property of IBM -->
|
|
<!-- US Government Users Restricted Rights -->
|
|
<!-- Use, duplication or disclosure restricted by -->
|
|
<!-- GSA ADP Schedule Contract with IBM Corp. -->
|
|
<link rel="stylesheet" type="text/css" href="./ibmdita.css" />
|
|
<link rel="stylesheet" type="text/css" href="./ic.css" />
|
|
<title>Code checker integrity verification function</title>
|
|
</head>
|
|
<body id="integrity_verification"><a name="integrity_verification"><!-- --></a>
|
|
<!-- Java sync-link --><script language="Javascript" src="../rzahg/synch.js" type="text/javascript"></script>
|
|
<h1 class="topictitle1">Code checker integrity verification function</h1>
|
|
<div><p>Learn how you can verify the integrity of the code checker function
|
|
that you use to verify the integrity of your system.</p>
|
|
<p>Beginning in V5R2, i5/OS™ shipped with a code checking function that you
|
|
can use to verify the integrity of signed objects on your system, including
|
|
all operating system code that IBM<sup>®</sup> ships and signs for your system. Now
|
|
in V5R3, you can use a new Application Programming Interface (API) to verify
|
|
the integrity of the code checking function itself, as well as key operating
|
|
system objects. </p>
|
|
<p>The Check System (<a href="../apis/qydochks.htm">QydoCheckSystem</a>)
|
|
API provides i5/OS system
|
|
integrity verification. You use this API to verify the programs (*PGM) and
|
|
service programs (*SRVPGM) and selected command (*CMD) objects in the QSYS
|
|
library. Additionally, the Check System API tests the Restore object (<a href="../cl/rstobj.htm">RSTOBJ</a>) command,
|
|
the Restore Library (<a href="../cl/rstlib.htm">RSTLIB</a>)
|
|
command, the Check Object Integrity (CHKOBJITG) command, and Verify Object
|
|
API. This test ensures that these commands and the Verify Object API report
|
|
signature validation errors when appropriate; for example, when a system supplied
|
|
object is not signed or contains an invalid signature.</p>
|
|
<p>The Check System API reports error messages for verification failures and
|
|
other errors or verification failures to the job log. However, you can also
|
|
specify one of two additional error reporting methods, depending on how you
|
|
set the following options: </p>
|
|
<ul><li>If the QAUDLVL system value is set to *AUDFAIL, then the Check System
|
|
API generates auditing records to report any failures and errors that the
|
|
Restore Object (RSTOBJ), Restore Library (RSTLIB), and Check Object Integrity
|
|
(CHKOBJITG) commands find.</li>
|
|
<li>If the user specifies that the Check System API use a results file in
|
|
the integrated file system, then the API either creates the file if it does
|
|
not exist or the API appends to the file to report any errors or failures
|
|
that the API finds.</li>
|
|
</ul>
|
|
</div>
|
|
<div>
|
|
<div class="familylinks">
|
|
<div class="parentlink"><strong>Parent topic:</strong> <a href="rzalzobjconcepts.htm" title="Use this concept and reference information to learn more about digital signatures and the object signing and signature verification processes work.">Object signing concepts</a></div>
|
|
</div>
|
|
<div class="reltasks"><strong>Related tasks</strong><br />
|
|
<div><a href="rzalzcheckthechecker.htm" title="Learn how to verify the integrity of the code checker function that you use to verify i5/OS system integrity.">Verifying code checker function integrity</a></div>
|
|
</div>
|
|
</div>
|
|
</body>
|
|
</html> |