ibm-information-center/dist/eclipse/plugins/i5OS.ic.rzajc_5.4.0.1/rzajckeygentxt.htm

238 lines
11 KiB
HTML

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE html
PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us" xml:lang="en-us">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta name="security" content="public" />
<meta name="Robots" content="index,follow" />
<meta http-equiv="PICS-Label" content='(PICS-1.1 "http://www.icra.org/ratingsv02.html" l gen true r (cz 1 lz 1 nz 1 oz 1 vz 1) "http://www.rsac.org/ratingsv01.html" l gen true r (n 0 s 0 v 0 l 0) "http://www.classify.org/safesurf/" l gen true r (SS~~000 1))' />
<meta name="DC.Type" content="reference" />
<meta name="DC.Title" content="Example: Creating a DES key with your Cryptographic Coprocessor" />
<meta name="abstract" content="Change this program example to suit your needs for creating a DES key with your Cryptographic Coprocessor." />
<meta name="description" content="Change this program example to suit your needs for creating a DES key with your Cryptographic Coprocessor." />
<meta name="DC.Relation" scheme="URI" content="rzajccreatekeys.htm" />
<meta name="copyright" content="(C) Copyright IBM Corporation 2006" />
<meta name="DC.Rights.Owner" content="(C) Copyright IBM Corporation 2006" />
<meta name="DC.Format" content="XHTML" />
<meta name="DC.Identifier" content="keygentxt" />
<meta name="DC.Language" content="en-us" />
<!-- All rights reserved. Licensed Materials Property of IBM -->
<!-- US Government Users Restricted Rights -->
<!-- Use, duplication or disclosure restricted by -->
<!-- GSA ADP Schedule Contract with IBM Corp. -->
<link rel="stylesheet" type="text/css" href="./ibmdita.css" />
<link rel="stylesheet" type="text/css" href="./ic.css" />
<title>Example: Creating a DES key with your Cryptographic Coprocessor</title>
</head>
<body id="keygentxt"><a name="keygentxt"><!-- --></a>
<!-- Java sync-link --><script language="Javascript" src="../rzahg/synch.js" type="text/javascript"></script>
<h1 class="topictitle1">Example: Creating a DES key with your Cryptographic Coprocessor</h1>
<div><p>Change this program example to suit your needs for creating a DES
key with your Cryptographic Coprocessor.</p>
<div class="section"><div class="note"><span class="notetitle">Note:</span> Read the <a href="codedisclaimer.htm#codedisclaimer">Code license and disclaimer information</a> for
important legal information.<p>If you choose to use this program example,
change it to suit your specific needs. For security reasons, IBM<sup>®</sup> recommends
that you individualize these program examples rather than using the default
values provided.</p>
</div>
</div>
<div class="example"> <pre>/*---------------------------------------------------------------*/
/* Generate DES keys in key store. */
/* */
/* COPYRIGHT 5769-SS1 (c) IBM Corp 1999 */
/* */
/* This material contains programming source code for your */
/* consideration. These examples have not been thoroughly */
/* tested under all conditions. IBM, therefore, cannot */
/* guarantee or imply reliability, serviceability, or function */
/* of these programs. All programs contained herein are */
/* provided to you "AS IS". THE IMPLIED WARRANTIES OF */
/* MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE */
/* EXPRESSLY DISCLAIMED. IBM provides no program services for */
/* these programs and files. */
/* */
/* Parameters: */
/* char * key label, 1 to 64 characters */
/* char * key store name, 1 to 21 characters in form 'lib/file' */
/* (optional, see second note below) */
/* */
/* Examples: */
/* CALL PGM(KEYGEN) PARM('TEST.LABEL.1') */
/* */
/* CALL PGM(KEYGEN) PARM('MY.OWN.LABEL' 'QGPL/MYKEYSTORE') */
/* */
/* Note: This program assumes the device you want to use is */
/* already identified either by defaulting to the CRP01 */
/* device or has been explicitly named using the */
/* Cryptographic_Resource_Allocate verb. Also this */
/* device must be varied on and you must be authorized */
/* to use this device description. */
/* */
/* If the key store name parameter is not provided, this */
/* program assumes the key store file you will use is */
/* already identifed either by being specified on the */
/* cryptographic device or has been previously named */
/* using the Key_Store_Designate verb. Also you must be */
/* authorized to add and update records in this file. */
/* */
/* Use the following commands to compile this program: */
/* ADDLIBLE LIB(QCCA) */
/* CRTCMOD MODULE(KEYGEN) SRCFILE(SAMPLE) */
/* CRTPGM PGM(KEYGEN) MODULE(KEYGEN) + */
/* BNDSRVPGM(QCCA/CSUAKSD QCCA/CSNBKRC QCCA/CSNBKGN) */
/* */
/* Note: authority to the CSUAKSD, CSNBKRC and CSNBKGN service */
/* programs in the QCCA library is assumed. */
/* */
/* Common Cryptographic Architecture (CCA) verbs used: */
/* Key_Store_Designate (CSUAKSD) */
/* DES_Key_Record_Create (CSNBKRC) */
/* Key_Generate (CSNBKGN) */
/* */
/*---------------------------------------------------------------*/
#include &lt;stdlib.h&gt;
#include &lt;stdio.h&gt;
#include &lt;string.h&gt;
#include "csucincl.h" /* header file for CCA Cryptographic
Service Provider */
int main(int argc, char *argv[])
{
/*-------------------------------------------------------------------*/
/* standard return codes */
/*-------------------------------------------------------------------*/
#define ERROR -1
#define OK 0
/*-------------------------------------------------------------------*/
/* standard CCA parameters */
/*-------------------------------------------------------------------*/
long return_code;
long reason_code;
long exit_data_length;
char exit_data[2];
long rule_array_count;
/*-------------------------------------------------------------------*/
/* fields unique to this sample program */
/*-------------------------------------------------------------------*/
long file_name_length;
char key_label[64];
/*-------------------------------------------------------------------*/
/* See if the user wants to specify which key store file to use */
/*-------------------------------------------------------------------*/
if(argc &gt; 2)
{
file_name_length = strlen(argv[2]);
if((file_name_length &gt; 0) &amp;&amp;
(file_name_length &lt; 22))
{
rule_array_count = 1;
CSUAKSD(&amp;return_code,
&amp;reason_code,
&amp;exit_data_length,
exit_data,
&amp;rule_array_count,
"DES ", /* rule_array, we are working with
DES keys in this sample program */
&amp;file_name_length,
argv[2]); /* key store file name */
if (return_code != 0)
{
printf("Key store designate failed for reason %d/%d\n\n",
return_code, reason_code);
return ERROR;
}
else
{
printf("Key store designated\n");
printf("SAPI returned %ld/%ld\n", return_code, reason_code);
}
}
else
{
printf("Key store file name is wrong length");
return ERROR;
}
}
else; /* let key store file name default */
/*-------------------------------------------------------------------*/
/* Create a record in key store */
/*-------------------------------------------------------------------*/
memset(key_label, ' ', 64);
memcpy(key_label, argv[1], strlen(argv[1]));
CSNBKRC(&amp;return_code,
&amp;reason_code,
&amp;exit_data_length,
exit_data,
key_label);
if (return_code != 0)
{
printf("Record could not be added to key store for reason %d/%d\n\n",
return_code, reason_code);
return ERROR;
}
else
{
printf("Record added to key store\n");
printf("SAPI returned %ld/%ld\n", return_code, reason_code);
}
/*-------------------------------------------------------------------*/
/* Generate a key */
/*-------------------------------------------------------------------*/
CSNBKGN(&amp;return_code,
&amp;reason_code,
&amp;exit_data_length,
exit_data,
"OP ", /* operational key is requested */
"SINGLE ", /* single length key requested */
"DATA ", /* Data encrypting key requested */
" ", /* second value must be blanks when
key form requests only one key */
"\0", /* key encrypting key is null for
operational keys */
"\0", /* key encrypting key is null since
only one key is being requested */
key_label, /* store generated key in key store*/
"\0"); /* no second key is requested */
if (return_code != 0)
{
printf("Key generation failed for reason %d/%d\n\n",
return_code, reason_code);
return ERROR;
}
else
{
printf("Key generated and stored in key store\n");
printf("SAPI returned %ld/%ld\n\n", return_code, reason_code);
return OK;
}
}</pre>
</div>
</div>
<div>
<div class="familylinks">
<div class="parentlink"><strong>Parent topic:</strong> <a href="rzajccreatekeys.htm" title="You can create DES and PKA keys and store them in a DES key store.">Create DES and PKA keys</a></div>
</div>
</div>
</body>
</html>