354 lines
17 KiB
HTML
354 lines
17 KiB
HTML
<?xml version="1.0" encoding="UTF-8"?>
|
|
<!DOCTYPE html
|
|
PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
|
|
<html lang="en-us" xml:lang="en-us">
|
|
<head>
|
|
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
|
|
<meta name="security" content="public" />
|
|
<meta name="Robots" content="index,follow" />
|
|
<meta http-equiv="PICS-Label" content='(PICS-1.1 "http://www.icra.org/ratingsv02.html" l gen true r (cz 1 lz 1 nz 1 oz 1 vz 1) "http://www.rsac.org/ratingsv01.html" l gen true r (n 0 s 0 v 0 l 0) "http://www.classify.org/safesurf/" l gen true r (SS~~000 1))' />
|
|
<meta name="DC.Type" content="reference" />
|
|
<meta name="DC.Title" content="Example: ILE RPG program for registering a public key certificate" />
|
|
<meta name="abstract" content="Change this program example to suit your needs for registering a public key certificate." />
|
|
<meta name="description" content="Change this program example to suit your needs for registering a public key certificate." />
|
|
<meta name="DC.Relation" scheme="URI" content="rzajcworking.htm" />
|
|
<meta name="copyright" content="(C) Copyright IBM Corporation 2006" />
|
|
<meta name="DC.Rights.Owner" content="(C) Copyright IBM Corporation 2006" />
|
|
<meta name="DC.Format" content="XHTML" />
|
|
<meta name="DC.Identifier" content="regpubkeyrpg" />
|
|
<meta name="DC.Language" content="en-us" />
|
|
<!-- All rights reserved. Licensed Materials Property of IBM -->
|
|
<!-- US Government Users Restricted Rights -->
|
|
<!-- Use, duplication or disclosure restricted by -->
|
|
<!-- GSA ADP Schedule Contract with IBM Corp. -->
|
|
<link rel="stylesheet" type="text/css" href="./ibmdita.css" />
|
|
<link rel="stylesheet" type="text/css" href="./ic.css" />
|
|
<title>Example: ILE RPG program for registering a public key certificate</title>
|
|
</head>
|
|
<body id="regpubkeyrpg"><a name="regpubkeyrpg"><!-- --></a>
|
|
<!-- Java sync-link --><script language="Javascript" src="../rzahg/synch.js" type="text/javascript"></script>
|
|
<h1 class="topictitle1">Example: ILE RPG program for registering a public key certificate</h1>
|
|
<div><p>Change this program example to suit your needs for registering
|
|
a public key certificate. </p>
|
|
<div class="section"><div class="p"><div class="note"><span class="notetitle">Note:</span> Read the <a href="codedisclaimer.htm#codedisclaimer">Code license and disclaimer information</a> for
|
|
important legal information.</div>
|
|
</div>
|
|
</div>
|
|
<div class="example"> <pre> D*************************************************************
|
|
D* REGPUBKEY
|
|
D*
|
|
D* Sample program to register a CCA public key
|
|
D* certificate.
|
|
D*
|
|
D*
|
|
D* COPYRIGHT 5769-SS1 (C) IBM CORP. 2000, 2000
|
|
D*
|
|
D* This material contains programming source code for your
|
|
D* consideration. These example has not been thoroughly
|
|
D* tested under all conditions. IBM, therefore, cannot
|
|
D* guarantee or imply reliability, serviceability, or function
|
|
D* of these programs. All programs contained herein are
|
|
D* provided to you "AS IS". THE IMPLIED WARRANTIES OF
|
|
D* MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
|
|
D* ARE EXPRESSLY DISCLAIMED. IBM provides no program services for
|
|
D* these programs and files.
|
|
D*
|
|
D*
|
|
D* Note: Input format is more fully described in Chapter 2 of
|
|
D* IBM CCA Basic Services Reference and Guide
|
|
D* (SC31-8609) publication.
|
|
D*
|
|
D* Parameters: Stream file containing public key certificate
|
|
D*
|
|
D* Example:
|
|
D* CALL PGM(REGPUBKEY) PARM(CERTFILE)
|
|
D*
|
|
D* Use these commands to compile this program on the system:
|
|
D* CRTRPGMOD MODULE(REGPUBKEY) SRCFILE(SAMPLE)
|
|
D* CRTPGM PGM(REGPUBKEY) MODULE(REGPUBKEY)
|
|
D* BNDDIR(QCCA/QC6BNDDIR)
|
|
D*
|
|
D* Note: Authority to the CSNDPKR service program
|
|
D* in the QCCA library is assumed.
|
|
D*
|
|
D* The Common Cryptographic Architecture (CCA) verbs used are
|
|
D* PKA_Public_Key_Register (CSNDPKR).
|
|
D*
|
|
D**************************************************************
|
|
D*--------------------------------------------------------
|
|
D* Declare variables used by CCA SAPI calls
|
|
D*--------------------------------------------------------
|
|
D* ** Return code
|
|
DRETURNCODE S 9B 0
|
|
D* ** Reason code
|
|
DREASONCODE S 9B 0
|
|
D* ** Exit data length
|
|
DEXITDATALEN S 9B 0
|
|
D* ** Exit data
|
|
DEXITDATA S 4
|
|
D* ** Rule array count
|
|
DRULEARRAYCNT S 9B 0
|
|
D* ** Rule array
|
|
DRULEARRAY S 16
|
|
D* ** Token length
|
|
DTOKENLEN S 9B 0 INZ(2500)
|
|
D* ** Token and array for subscripting token
|
|
DTOKEN DS 2500
|
|
DTOKENARRAY 1 DIM(2500)
|
|
D* ** Name of retained key
|
|
DNAME S 64
|
|
D* ** Structure used for aligning 2 bytes into a
|
|
D* ** 2 byte integer.
|
|
DLENSTRUCT DS 2
|
|
DMSB 1 1
|
|
DLSB 2 2
|
|
DLENGTH 1 2B 0
|
|
D* ** Certificate section length
|
|
DCRTSECLEN S 9B 0
|
|
D* ** Public key section length
|
|
DPUBSECLEN S 9B 0
|
|
D* ** Index into PKA key token
|
|
DTKNINDEX S 9B 0
|
|
D* ** Index into PKA key token
|
|
DTMPINDEX S 9B 0
|
|
D* ** File descriptor
|
|
DFILED S 9B 0
|
|
D* ** File path and path length
|
|
DPATH S 80 INZ(*ALLX'00')
|
|
DPATHLEN S 9B 0
|
|
D* ** Open Flag - Open for Read only
|
|
DOFLAG S 10I 0 INZ(1)
|
|
D*
|
|
D**********************************************************
|
|
D* Prototype for PKA_Public_Key_Register (CSNDPKR)
|
|
D**********************************************************
|
|
DCSNDPKR PR
|
|
DRETCOD 9B 0
|
|
DRSNCOD 9B 0
|
|
DEXTDTALN 9B 0
|
|
DEXTDT 4
|
|
DRARRYCT 9B 0
|
|
DRARRY 16
|
|
DKYNAM 64
|
|
DCRTLEN 9B 0
|
|
DCRT 500 OPTIONS(*VARSIZE)
|
|
D*
|
|
D**********************************************************
|
|
D* Prototype for open()
|
|
D**********************************************************
|
|
D* value returned = file descriptor (OK), -1 (error)
|
|
Dopen PR 9B 0 EXTPROC('open')
|
|
D* path name of file to be opened.
|
|
D 128 OPTIONS(*VARSIZE)
|
|
D* Open flags
|
|
D 9B 0 VALUE
|
|
D* (OPTIONAL) mode - access rights
|
|
D 10U 0 VALUE OPTIONS(*NOPASS)
|
|
D* (OPTIONAL) codepage
|
|
D 10U 0 VALUE OPTIONS(*NOPASS)
|
|
D*
|
|
D*********************************************************************
|
|
D* Prototype for read()
|
|
D**********************************************************
|
|
D* value returned = number of bytes actually read, or -1
|
|
Dread PR 9B 0 EXTPROC('read')
|
|
D* File descriptor returned from open()
|
|
D 9B 0 VALUE
|
|
D* Input buffer
|
|
D 2500 OPTIONS(*VARSIZE)
|
|
D* Length of data to be read
|
|
D 9B 0 VALUE
|
|
D*
|
|
D*********************************************************************
|
|
D* Prototype for close()
|
|
D*********************************************************************
|
|
D* value returned = 0 (OK), or -1
|
|
Dclose PR 9B 0 EXTPROC('close')
|
|
D* File descriptor returned from open()
|
|
D 9B 0 VALUE
|
|
D*
|
|
D*-------------------------------------------------------------
|
|
D* ** Declares for sending messages to the
|
|
D* ** job log using the QMHSNDPM API
|
|
D*-------------------------------------------------------------
|
|
DMSG S 75 DIM(5) CTDATA PERRCD(1)
|
|
DMSGLENGTH S 9B 0 INZ(75)
|
|
D DS
|
|
DMSGTEXT 1 80
|
|
DFAILRETC 41 44
|
|
DFAILRSNC 46 49
|
|
DMESSAGEID S 7 INZ(' ')
|
|
DMESSAGEFILE S 21 INZ(' ')
|
|
DMSGKEY S 4 INZ(' ')
|
|
DMSGTYPE S 10 INZ('*INFO ')
|
|
DSTACKENTRY S 10 INZ('* ')
|
|
DSTACKCOUNTER S 9B 0 INZ(2)
|
|
DERRCODE DS
|
|
DBYTESIN 1 4B 0 INZ(0)
|
|
DBYTESOUT 5 8B 0 INZ(0)
|
|
C*
|
|
C**************************************************************
|
|
C* START OF PROGRAM *
|
|
C* *
|
|
C *ENTRY PLIST
|
|
C PARM FILEPARM 50
|
|
C**************************************************************
|
|
C* Open certificate file
|
|
C**************************************************************
|
|
C* *---------------------*
|
|
C* ** Build path name *
|
|
C* *---------------------*
|
|
C EVAL PATHLEN = %LEN(%TRIM(FILEPARM))
|
|
C PATHLEN SUBST FILEPARM:1 PATH
|
|
C* *---------------------*
|
|
C* * Open the file *
|
|
C* *---------------------*
|
|
C EVAL FILED = open(PATH: OFLAG)
|
|
C* *----------------------*
|
|
C* * Check if open worked *
|
|
C* *----------------------*
|
|
C FILED IFEQ -1
|
|
C* *------------------------------------*
|
|
C* * Open failed, send an error message *
|
|
C* *------------------------------------*
|
|
C MOVEL MSG(1) MSGTEXT
|
|
C EXSR SNDMSG
|
|
C RETURN
|
|
C*
|
|
C ENDIF
|
|
C* *--------------------------------------------------*
|
|
C* * Open worked, read certificate and close the file *
|
|
C* *--------------------------------------------------*
|
|
C EVAL TOKENLEN = read(FILED: TOKEN: TOKENLEN)
|
|
C CALLP close (FILED)
|
|
C*
|
|
C* *--------------------------------------*
|
|
C* * Check if read operation was OK *
|
|
C* *--------------------------------------*
|
|
C TOKENLEN IFEQ -1
|
|
C MOVEL MSG(2) MSGTEXT
|
|
C EXSR SNDMSG
|
|
C RETURN
|
|
C ENDIF
|
|
C*
|
|
C* *--------------------------------------*
|
|
C* * Check if certificate length is valid *
|
|
C* * The length bytes start at position 3 *
|
|
C* *--------------------------------------*
|
|
C EVAL MSB = TOKENARRAY(3)
|
|
C EVAL LSB = TOKENARRAY(4)
|
|
C LENGTH IFLT TOKENLEN
|
|
C* *-----------------------------------*
|
|
C* * Certificate length is not valid *
|
|
C* *-----------------------------------*
|
|
C MOVEL MSG(3) MSGTEXT
|
|
C EXSR SNDMSG
|
|
C RETURN
|
|
C ENDIF
|
|
C*
|
|
C**************************************************************
|
|
C* Find the certificate in the token
|
|
C*
|
|
C* The layout of the token is
|
|
C*
|
|
C* - Token header - 8 bytes - including 2 length bytes
|
|
C* - Public key section - length bytes at position 3 (11 overall)
|
|
C* - Private key name - 68 bytes
|
|
C* - Certificate section
|
|
C*
|
|
C* Note: 1 is added because RPG arrays start at 1.
|
|
C**************************************************************
|
|
C EVAL MSB = TOKENARRAY(11)
|
|
C EVAL LSB = TOKENARRAY(12)
|
|
C EVAL PUBSECLEN = LENGTH
|
|
C EVAL TKNINDEX = PUBSECLEN + 68 + 8 + 1
|
|
C*
|
|
C* *-----------------------------------------*
|
|
C* * Determine length of certificate section *
|
|
C* * Length bytes are at position 2 of the *
|
|
C* * section.
|
|
C* *-----------------------------------------*
|
|
C EVAL MSB = TOKENARRAY(TKNINDEX + 2)
|
|
C EVAL LSB = TOKENARRAY(TKNINDEX + 3)
|
|
C EVAL CRTSECLEN = LENGTH
|
|
C*
|
|
C**************************************************************
|
|
C* Register the public key
|
|
C**************************************************************
|
|
C* *------------------------------------------*
|
|
C* * Set the keywords in the rule array *
|
|
C* *------------------------------------------*
|
|
C MOVEL 'CLONE ' RULEARRAY
|
|
C Z-ADD 1 RULEARRAYCNT
|
|
C* *------------------------------------------*
|
|
C* * Build the key name (FILENAME.RETAINED) *
|
|
C* *------------------------------------------*
|
|
C EVAL %SUBST(NAME: 1: PATHLEN) =
|
|
C %SUBST(PATH: 1: PATHLEN)
|
|
C EVAL %SUBST(NAME:PATHLEN+1:9) = '.RETAINED'
|
|
|
|
C* *------------------------------*
|
|
C* * Call PKA Public Key Register *
|
|
C* *------------------------------*
|
|
C CALLP CSNDPKR (RETURNCODE:
|
|
C REASONCODE:
|
|
C EXITDATALEN:
|
|
C EXITDATA:
|
|
C RULEARRAYCNT:
|
|
C RULEARRAY:
|
|
C NAME:
|
|
C CRTSECLEN:
|
|
C TOKENARRAY(TKNINDEX))
|
|
C* *------------------------*
|
|
C* * Check the return code *
|
|
C* *------------------------*
|
|
C RETURNCODE IFGT 0
|
|
C* *-----------------------*
|
|
C* * Send failure message *
|
|
C* *-----------------------*
|
|
C MOVEL MSG(4) MSGTEXT
|
|
C MOVE RETURNCODE FAILRETC
|
|
C MOVE REASONCODE FAILRSNC
|
|
C EXSR SNDMSG
|
|
C ELSE
|
|
C* *-----------------------*
|
|
C* * Send success message *
|
|
C* *-----------------------*
|
|
C MOVEL MSG(5) MSGTEXT
|
|
C EVAL %SUBST(MSGTEXT: 41: PATHLEN + 9) =
|
|
C %SUBST(NAME: 1: PATHLEN + 9)
|
|
C EXSR SNDMSG
|
|
C ENDIF
|
|
C*
|
|
C SETON LR
|
|
C*
|
|
C**************************************************************
|
|
C* Subroutine to send a message
|
|
C**************************************************************
|
|
C SNDMSG BEGSR
|
|
C CALL 'QMHSNDPM'
|
|
C PARM MESSAGEID
|
|
C PARM MESSAGEFILE
|
|
C PARM MSGTEXT
|
|
C PARM MSGLENGTH
|
|
C PARM MSGTYPE
|
|
C PARM STACKENTRY
|
|
C PARM STACKCOUNTER
|
|
C PARM MSGKEY
|
|
C PARM ERRCODE
|
|
C ENDSR
|
|
**
|
|
The file could not be opened.
|
|
There was an error reading from the file.
|
|
The length of the certificate is not valid.
|
|
CSNDPKR failed with return/reason codes 9999/9999.
|
|
The hash was successfully registered as</pre>
|
|
</div>
|
|
</div>
|
|
<div>
|
|
<div class="familylinks">
|
|
<div class="parentlink"><strong>Parent topic:</strong> <a href="rzajcworking.htm" title="After you set up your Cryptographic Coprocessor, you can begin writing programs to make use of your Cryptographic Coprocessor's cryptographic functions.">Manage the Cryptographic Coprocessor</a></div>
|
|
</div>
|
|
</div>
|
|
</body>
|
|
</html> |