278 lines
14 KiB
HTML
278 lines
14 KiB
HTML
<?xml version="1.0" encoding="UTF-8"?>
|
|
<!DOCTYPE html
|
|
PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
|
|
<html lang="en-us" xml:lang="en-us">
|
|
<head>
|
|
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
|
|
<meta name="security" content="public" />
|
|
<meta name="Robots" content="index,follow" />
|
|
<meta http-equiv="PICS-Label" content='(PICS-1.1 "http://www.icra.org/ratingsv02.html" l gen true r (cz 1 lz 1 nz 1 oz 1 vz 1) "http://www.rsac.org/ratingsv01.html" l gen true r (n 0 s 0 v 0 l 0) "http://www.classify.org/safesurf/" l gen true r (SS~~000 1))' />
|
|
<meta name="DC.Type" content="reference" />
|
|
<meta name="DC.Title" content="Example: ILE RPG program for reinitializing your Cryptographic Coprocessor" />
|
|
<meta name="abstract" content="Change this program example to suit your needs for reinitializing your Cryptographic Coprocessor." />
|
|
<meta name="description" content="Change this program example to suit your needs for reinitializing your Cryptographic Coprocessor." />
|
|
<meta name="DC.Relation" scheme="URI" content="rzajcreinitializing.htm" />
|
|
<meta name="copyright" content="(C) Copyright IBM Corporation 2006" />
|
|
<meta name="DC.Rights.Owner" content="(C) Copyright IBM Corporation 2006" />
|
|
<meta name="DC.Format" content="XHTML" />
|
|
<meta name="DC.Identifier" content="reinittxtrpg" />
|
|
<meta name="DC.Language" content="en-us" />
|
|
<!-- All rights reserved. Licensed Materials Property of IBM -->
|
|
<!-- US Government Users Restricted Rights -->
|
|
<!-- Use, duplication or disclosure restricted by -->
|
|
<!-- GSA ADP Schedule Contract with IBM Corp. -->
|
|
<link rel="stylesheet" type="text/css" href="./ibmdita.css" />
|
|
<link rel="stylesheet" type="text/css" href="./ic.css" />
|
|
<title>Example: ILE RPG program for reinitializing your Cryptographic Coprocessor</title>
|
|
</head>
|
|
<body id="reinittxtrpg"><a name="reinittxtrpg"><!-- --></a>
|
|
<!-- Java sync-link --><script language="Javascript" src="../rzahg/synch.js" type="text/javascript"></script>
|
|
<h1 class="topictitle1">Example: ILE RPG program for reinitializing your Cryptographic Coprocessor</h1>
|
|
<div><p>Change this program example to suit your needs for reinitializing
|
|
your Cryptographic Coprocessor. </p>
|
|
<div class="section"><div class="p"><div class="note"><span class="notetitle">Note:</span> Read the <a href="codedisclaimer.htm#codedisclaimer">Code license and disclaimer information</a> for
|
|
important legal information.<p>If you choose to use the program example that
|
|
is provided, change it to suit your specific needs. For security reasons, IBM<sup>®</sup> recommends
|
|
that you individualize these program examples rather than using the default
|
|
values provided.</p>
|
|
</div>
|
|
</div>
|
|
</div>
|
|
<div class="example"> <pre> D*************************************************************
|
|
D* REINIT
|
|
D*
|
|
D* Clear the card (reset to manufactured state).
|
|
D*
|
|
D*
|
|
D* COPYRIGHT 5769-SS1 (C) IBM CORP. 2000, 2000
|
|
D*
|
|
D* This material contains programming source code for your
|
|
D* consideration. These example has not been thoroughly
|
|
D* tested under all conditions. IBM, therefore, cannot
|
|
D* guarantee or imply reliability, serviceability, or function
|
|
D* of these programs. All programs contained herein are
|
|
D* provided to you "AS IS". THE IMPLIED WARRANTIES OF
|
|
D* MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
|
|
D* ARE EXPRESSLY DISCLAIMED. IBM provides no program services for
|
|
D* these programs and files.
|
|
D*
|
|
D*
|
|
D* Note: Input format is more fully described in Chapter 2 of
|
|
D* IBM CCA Basic Services Reference and Guide
|
|
D* (SC31-8609) publication.
|
|
D*
|
|
D* Parameters:
|
|
D* char * new time 16 characters
|
|
D*
|
|
D* Example:
|
|
D* CALL PGM(REINIT)
|
|
D*
|
|
D* Use these commands to compile this program on the system:
|
|
D* CRTRPGMOD MODULE(REINIT) SRCFILE(SAMPLE)
|
|
D* CRTPGM PGM(REINIT) MODULE(REINIT)
|
|
D* BNDSRVPGM(QCCA/CSUACFC)
|
|
D*
|
|
D* Note: Authority to the CSUACFC service program in the
|
|
D* QCCA library is assumed.
|
|
D*
|
|
D* The Common Cryptographic Architecture (CCA) verbs used are
|
|
D* Cryptographic_Facilty_Control (CSUACFC)
|
|
D*
|
|
D**************************************************************
|
|
D*------------------------------------------------
|
|
D* Declare variables for CCA SAPI calls
|
|
D*------------------------------------------------
|
|
D* ** Return code
|
|
DRETURNCODE S 9B 0
|
|
D* ** Reason code
|
|
DREASONCODE S 9B 0
|
|
D* ** Exit data length
|
|
DEXITDATALEN S 9B 0
|
|
D* ** Exit data
|
|
DEXITDATA S 4
|
|
D* ** Rule array count
|
|
DRULEARRAYCNT S 9B 0
|
|
D* ** Rule array
|
|
DRULEARRAY S 16
|
|
D* ** Verb data length
|
|
DVERBDATALEN S 9B 0
|
|
D* ** Verb data
|
|
DVERBDATA S 8
|
|
D*
|
|
D*------------------------------------------------
|
|
D* Declares for calculating one's complement
|
|
D*------------------------------------------------
|
|
DBUFFER DS
|
|
DA1 1 2
|
|
DA2 3 4
|
|
DA3 5 6
|
|
DA4 7 8
|
|
D*
|
|
DWORKBUFF DS
|
|
DINT4 1 4B 0
|
|
DINT2 3 4
|
|
D*
|
|
D*
|
|
D**********************************************************
|
|
D* Prototype for Cryptographic_Facilty_Control (CSUACFC)
|
|
D**********************************************************
|
|
DCSUACFC PR
|
|
DRETCODE 9B 0
|
|
DRSNCODE 9B 0
|
|
DEXTDTALEN 9B 0
|
|
DEXTDTA 4
|
|
DRARRAYCT 9B 0
|
|
DRARRAY 16
|
|
DVRBDTALEN 9B 0
|
|
DVRBDTA 8
|
|
D*
|
|
D*-------------------------------------------------------------
|
|
D* ** Declares for sending messages to the
|
|
D* ** job log using the QMHSNDPM API
|
|
D*-------------------------------------------------------------
|
|
DMSG S 75 DIM(3) CTDATA PERRCD(1)
|
|
DMSGLENGTH S 9B 0 INZ(64)
|
|
D DS
|
|
DMSGTEXT 1 80
|
|
DFAILRETC 41 44
|
|
DFAILRSNC 46 49
|
|
DMESSAGEID S 7 INZ(' ')
|
|
DMESSAGEFILE S 21 INZ(' ')
|
|
DMSGKEY S 4 INZ(' ')
|
|
DMSGTYPE S 10 INZ('*INFO ')
|
|
DSTACKENTRY S 10 INZ('* ')
|
|
DSTACKCOUNTER S 9B 0 INZ(2)
|
|
DERRCODE DS
|
|
DBYTESIN 1 4B 0 INZ(0)
|
|
DBYTESOUT 5 8B 0 INZ(0)
|
|
C*
|
|
C**************************************************************
|
|
C* START OF PROGRAM *
|
|
C* *
|
|
C* *
|
|
C*------------------------------------------------------------*
|
|
C* Set the keyword in the rule array *
|
|
C*------------------------------------------------------------*
|
|
C MOVEL 'ADAPTER1' RULEARRAY
|
|
C MOVE 'RQ-TOKEN' RULEARRAY
|
|
C Z-ADD 2 RULEARRAYCNT
|
|
C*------------------------------------------------------------*
|
|
C* Set the verb data length to 8 *
|
|
C*------------------------------------------------------------*
|
|
C Z-ADD 8 VERBDATALEN
|
|
C**************************************************************
|
|
C* Call Cryptographic Facilty Control SAPI */
|
|
C**************************************************************
|
|
C CALLP CSUACFC (RETURNCODE:
|
|
C REASONCODE:
|
|
C EXITDATALEN:
|
|
C EXITDATA:
|
|
C RULEARRAYCNT:
|
|
C RULEARRAY:
|
|
C VERBDATALEN:
|
|
C VERBDATA)
|
|
C*-----------------------*
|
|
C* Check the return code *
|
|
C*-----------------------*
|
|
C RETURNCODE IFGT 4
|
|
C* *----------------------*
|
|
C* * Send error message *
|
|
C* *----------------------*
|
|
C MOVEL MSG(1) MSGTEXT
|
|
C MOVE RETURNCODE FAILRETC
|
|
C MOVE REASONCODE FAILRSNC
|
|
C EXSR SNDMSG
|
|
C RETURN
|
|
C ENDIF
|
|
C*
|
|
C* *---------------------------------------*
|
|
C* * Send success message for the 1st step *
|
|
C* *---------------------------------------*
|
|
C MOVEL MSG(2) MSGTEXT
|
|
C EXSR SNDMSG
|
|
C*
|
|
C*------------------------------------------------------------*
|
|
C* Set the keyword in the rule array for 2nd step *
|
|
C*------------------------------------------------------------*
|
|
C MOVE 'RQ-REINT' RULEARRAY
|
|
C*
|
|
C*------------------------------------------------------------*
|
|
C* Convert the token into the one's complement of it *
|
|
C*------------------------------------------------------------*
|
|
C MOVE VERBDATA BUFFER
|
|
C Z-ADD 0 INT4
|
|
C MOVE A1 INT2
|
|
C EVAL INT4 = 65535 - INT4
|
|
C MOVE INT2 A1
|
|
C MOVE A2 INT2
|
|
C EVAL INT4 = 65535 - INT4
|
|
C MOVE INT2 A2
|
|
C MOVE A3 INT2
|
|
C EVAL INT4 = 65535 - INT4
|
|
C MOVE INT2 A3
|
|
C MOVE A4 INT2
|
|
C EVAL INT4 = 65535 - INT4
|
|
C MOVE INT2 A4
|
|
C MOVE BUFFER VERBDATA
|
|
C*
|
|
C**************************************************************
|
|
C* Call Cryptographic Facilty Control SAPI */
|
|
C**************************************************************
|
|
C CALLP CSUACFC (RETURNCODE:
|
|
C REASONCODE:
|
|
C EXITDATALEN:
|
|
C EXITDATA:
|
|
C RULEARRAYCNT:
|
|
C RULEARRAY:
|
|
C VERBDATALEN:
|
|
C VERBDATA)
|
|
C*-----------------------*
|
|
C* Check the return code *
|
|
C*-----------------------*
|
|
C RETURNCODE IFGT 4
|
|
C* *----------------------*
|
|
C* * Send error message *
|
|
C* *----------------------*
|
|
C MOVEL MSG(1) MSGTEXT
|
|
C MOVE RETURNCODE FAILRETC
|
|
C MOVE REASONCODE FAILRSNC
|
|
C EXSR SNDMSG
|
|
C*
|
|
C ELSE
|
|
C* *----------------------*
|
|
C* * Send success message *
|
|
C* *----------------------*
|
|
C MOVE MSG(3) MSGTEXT
|
|
C EXSR SNDMSG
|
|
C*
|
|
C ENDIF
|
|
C SETON LR
|
|
C*
|
|
C**************************************************************
|
|
C* Subroutine to send a message
|
|
C**************************************************************
|
|
C SNDMSG BEGSR
|
|
C CALL 'QMHSNDPM'
|
|
C PARM MESSAGEID
|
|
C PARM MESSAGEFILE
|
|
C PARM MSGTEXT
|
|
C PARM MSGLENGTH
|
|
C PARM MSGTYPE
|
|
C PARM STACKENTRY
|
|
C PARM STACKCOUNTER
|
|
C PARM MSGKEY
|
|
C PARM ERRCODE
|
|
C ENDSR
|
|
**
|
|
CSUACFC failed with return/reason codes 9999/9999.
|
|
Random token was successfully returned.
|
|
The Cryptographic Coprocessor successfully cleared/reset.</pre>
|
|
</div>
|
|
</div>
|
|
<div>
|
|
<div class="familylinks">
|
|
<div class="parentlink"><strong>Parent topic:</strong> <a href="rzajcreinitializing.htm" title="If you set up your Cryptographic Coprocessor incorrectly, you can end up with an unusable configuration with which you cannot perform any cryptographic functions and cannot use any of the APIs to recover. For example, you can configure it such that you have no role authorized to set the master key and no role authorized to change or create new roles or profiles. You can call the hardware command for reinitializing the card by using the Cryptographic_Facility_Control (CSUACFC) SAPI.">Reinitialize the Cryptographic Coprocessor</a></div>
|
|
</div>
|
|
</div>
|
|
</body>
|
|
</html> |