<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE html
PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us" xml:lang="en-us">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta name="security" content="public" />
<meta name="Robots" content="index,follow" />
<meta http-equiv="PICS-Label" content='(PICS-1.1 "http://www.icra.org/ratingsv02.html" l gen true r (cz 1 lz 1 nz 1 oz 1 vz 1) "http://www.rsac.org/ratingsv01.html" l gen true r (n 0 s 0 v 0 l 0) "http://www.classify.org/safesurf/" l gen true r (SS~~000 1))' />
<meta name="DC.Type" content="reference" />
<meta name="DC.Title" content="Example: ILE RPG program for registering a public key certificate" />
<meta name="abstract" content="Change this program example to suit your needs for registering a public key certificate." />
<meta name="description" content="Change this program example to suit your needs for registering a public key certificate." />
<meta name="DC.Relation" scheme="URI" content="rzajcworking.htm" />
<meta name="copyright" content="(C) Copyright IBM Corporation 2006" />
<meta name="DC.Rights.Owner" content="(C) Copyright IBM Corporation 2006" />
<meta name="DC.Format" content="XHTML" />
<meta name="DC.Identifier" content="regpubkeyrpg" />
<meta name="DC.Language" content="en-us" />
<!-- All rights reserved. Licensed Materials Property of IBM -->
<!-- US Government Users Restricted Rights -->
<!-- Use, duplication or disclosure restricted by -->
<!-- GSA ADP Schedule Contract with IBM Corp. -->
<link rel="stylesheet" type="text/css" href="./ibmdita.css" />
<link rel="stylesheet" type="text/css" href="./ic.css" />
<title>Example: ILE RPG program for registering a public key certificate</title>
</head>
<body id="regpubkeyrpg"><a name="regpubkeyrpg"><!-- --></a>
<!-- Java sync-link --><script language="Javascript" src="../rzahg/synch.js" type="text/javascript"></script>
<h1 class="topictitle1">Example: ILE RPG program for registering a public key certificate</h1>
<div><p>Change this program example to suit your needs for registering
a public key certificate. </p>
<div class="section"><div class="p"><div class="note"><span class="notetitle">Note:</span> Read the <a href="codedisclaimer.htm#codedisclaimer">Code license and disclaimer information</a> for
important legal information.</div>
</div>
</div>
<div class="example"> <pre> D*************************************************************
D* REGPUBKEY
D*
D* Sample program to register a CCA public key
D* certificate.
D*
D*
D* COPYRIGHT 5769-SS1 (C) IBM CORP. 2000, 2000
D*
D* This material contains programming source code for your
D* consideration. This example has not been thoroughly
D* tested under all conditions. IBM, therefore, cannot
D* guarantee or imply reliability, serviceability, or function
D* of these programs. All programs contained herein are
D* provided to you "AS IS". THE IMPLIED WARRANTIES OF
D* MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
D* EXPRESSLY DISCLAIMED. IBM provides no program services for
D* these programs and files.
D*
D*
D* Note: Input format is more fully described in Chapter 2 of
D* IBM CCA Basic Services Reference and Guide
D* (SC31-8609) publication.
D*
D* Parameters: Stream file containing public key certificate
D*
D* Example:
D* CALL PGM(REGPUBKEY) PARM(CERTFILE)
D*
D* Use these commands to compile this program on the system:
D* CRTRPGMOD MODULE(REGPUBKEY) SRCFILE(SAMPLE)
D* CRTPGM PGM(REGPUBKEY) MODULE(REGPUBKEY)
D* BNDDIR(QCCA/QC6BNDDIR)
D*
D* Note: Authority to the CSNDPKR service program
D* in the QCCA library is assumed.
D*
D* The Common Cryptographic Architecture (CCA) verbs used are
D* PKA_Public_Key_Register (CSNDPKR).
D*
D**************************************************************
D*--------------------------------------------------------
D* Declare variables used by CCA SAPI calls
D*--------------------------------------------------------
D* ** Return code
DRETURNCODE S 9B 0
D* ** Reason code
DREASONCODE S 9B 0
D* ** Exit data length
DEXITDATALEN S 9B 0
D* ** Exit data
DEXITDATA S 4
D* ** Rule array count
DRULEARRAYCNT S 9B 0
D* ** Rule array
DRULEARRAY S 16
D* ** Token length
DTOKENLEN S 9B 0 INZ(2500)
D* ** Token and array for subscripting token
DTOKEN DS 2500
DTOKENARRAY 1 DIM(2500)
D* ** Name of retained key
DNAME S 64
D* ** Structure used for aligning 2 bytes into a
D* ** 2 byte integer.
DLENSTRUCT DS 2
DMSB 1 1
DLSB 2 2
DLENGTH 1 2B 0
D* ** Certificate section length
DCRTSECLEN S 9B 0
D* ** Public key section length
DPUBSECLEN S 9B 0
D* ** Index into PKA key token
DTKNINDEX S 9B 0
D* ** Index into PKA key token
DTMPINDEX S 9B 0
D* ** File descriptor
DFILED S 9B 0
D* ** File path and path length
DPATH S 80 INZ(*ALLX'00')
DPATHLEN S 9B 0
D* ** Open Flag - Open for Read only
DOFLAG S 10I 0 INZ(1)
D*
D**********************************************************
D* Prototype for PKA_Public_Key_Register (CSNDPKR)
D**********************************************************
DCSNDPKR PR
DRETCOD 9B 0
DRSNCOD 9B 0
DEXTDTALN 9B 0
DEXTDT 4
DRARRYCT 9B 0
DRARRY 16
DKYNAM 64
DCRTLEN 9B 0
DCRT 500 OPTIONS(*VARSIZE)
D*
D**********************************************************
D* Prototype for open()
D**********************************************************
D* value returned = file descriptor (OK), -1 (error)
Dopen PR 9B 0 EXTPROC('open')
D* path name of file to be opened.
D 128 OPTIONS(*VARSIZE)
D* Open flags
D 9B 0 VALUE
D* (OPTIONAL) mode - access rights
D 10U 0 VALUE OPTIONS(*NOPASS)
D* (OPTIONAL) codepage
D 10U 0 VALUE OPTIONS(*NOPASS)
D*
D*********************************************************************
D* Prototype for read()
D**********************************************************
D* value returned = number of bytes actually read, or -1
Dread PR 9B 0 EXTPROC('read')
D* File descriptor returned from open()
D 9B 0 VALUE
D* Input buffer
D 2500 OPTIONS(*VARSIZE)
D* Length of data to be read
D 9B 0 VALUE
D*
D*********************************************************************
D* Prototype for close()
D*********************************************************************
D* value returned = 0 (OK), or -1
Dclose PR 9B 0 EXTPROC('close')
D* File descriptor returned from open()
D 9B 0 VALUE
D*
D*-------------------------------------------------------------
D* ** Declares for sending messages to the
D* ** job log using the QMHSNDPM API
D*-------------------------------------------------------------
DMSG S 75 DIM(5) CTDATA PERRCD(1)
DMSGLENGTH S 9B 0 INZ(75)
D DS
DMSGTEXT 1 80
DFAILRETC 41 44
DFAILRSNC 46 49
DMESSAGEID S 7 INZ(' ')
DMESSAGEFILE S 21 INZ(' ')
DMSGKEY S 4 INZ(' ')
DMSGTYPE S 10 INZ('*INFO ')
DSTACKENTRY S 10 INZ('* ')
DSTACKCOUNTER S 9B 0 INZ(2)
DERRCODE DS
DBYTESIN 1 4B 0 INZ(0)
DBYTESOUT 5 8B 0 INZ(0)
C*
C**************************************************************
C* START OF PROGRAM *
C* *
C *ENTRY PLIST
C PARM FILEPARM 50
C**************************************************************
C* Open certificate file
C**************************************************************
C* *---------------------*
C* ** Build path name *
C* *---------------------*
C EVAL PATHLEN = %LEN(%TRIM(FILEPARM))
C PATHLEN SUBST FILEPARM:1 PATH
C* *---------------------*
C* * Open the file *
C* *---------------------*
C EVAL FILED = open(PATH: OFLAG)
C* *----------------------*
C* * Check if open worked *
C* *----------------------*
C FILED IFEQ -1
C* *------------------------------------*
C* * Open failed, send an error message *
C* *------------------------------------*
C MOVEL MSG(1) MSGTEXT
C EXSR SNDMSG
C RETURN
C*
C ENDIF
C* *--------------------------------------------------*
C* * Open worked, read certificate and close the file *
C* *--------------------------------------------------*
C EVAL TOKENLEN = read(FILED: TOKEN: TOKENLEN)
C CALLP close (FILED)
C*
C* *--------------------------------------*
C* * Check if read operation was OK *
C* *--------------------------------------*
C TOKENLEN IFEQ -1
C MOVEL MSG(2) MSGTEXT
C EXSR SNDMSG
C RETURN
C ENDIF
C*
C* *--------------------------------------*
C* * Check if certificate length is valid *
C* * The length bytes start at position 3 *
C* *--------------------------------------*
C EVAL MSB = TOKENARRAY(3)
C EVAL LSB = TOKENARRAY(4)
C LENGTH IFLT TOKENLEN
C* *-----------------------------------*
C* * Certificate length is not valid *
C* *-----------------------------------*
C MOVEL MSG(3) MSGTEXT
C EXSR SNDMSG
C RETURN
C ENDIF
C*
C**************************************************************
C* Find the certificate in the token
C*
C* The layout of the token is
C*
C* - Token header - 8 bytes - including 2 length bytes
C* - Public key section - length bytes at position 3 (11 overall)
C* - Private key name - 68 bytes
C* - Certificate section
C*
C* Note: 1 is added because RPG arrays start at 1.
C**************************************************************
C EVAL MSB = TOKENARRAY(11)
C EVAL LSB = TOKENARRAY(12)
C EVAL PUBSECLEN = LENGTH
C EVAL TKNINDEX = PUBSECLEN + 68 + 8 + 1
C*
C* *-----------------------------------------*
C* * Determine length of certificate section *
C* * Length bytes are at position 2 of the *
C* * section.
C* *-----------------------------------------*
C EVAL MSB = TOKENARRAY(TKNINDEX + 2)
C EVAL LSB = TOKENARRAY(TKNINDEX + 3)
C EVAL CRTSECLEN = LENGTH
C*
C**************************************************************
C* Register the public key
C**************************************************************
C* *------------------------------------------*
C* * Set the keywords in the rule array *
C* *------------------------------------------*
C MOVEL 'CLONE ' RULEARRAY
C Z-ADD 1 RULEARRAYCNT
C* *------------------------------------------*
C* * Build the key name (FILENAME.RETAINED) *
C* *------------------------------------------*
C EVAL %SUBST(NAME: 1: PATHLEN) =
C %SUBST(PATH: 1: PATHLEN)
C EVAL %SUBST(NAME:PATHLEN+1:9) = '.RETAINED'
C* *------------------------------*
C* * Call PKA Public Key Register *
C* *------------------------------*
C CALLP CSNDPKR (RETURNCODE:
C REASONCODE:
C EXITDATALEN:
C EXITDATA:
C RULEARRAYCNT:
C RULEARRAY:
C NAME:
C CRTSECLEN:
C TOKENARRAY(TKNINDEX))
C* *------------------------*
C* * Check the return code *
C* *------------------------*
C RETURNCODE IFGT 0
C* *-----------------------*
C* * Send failure message *
C* *-----------------------*
C MOVEL MSG(4) MSGTEXT
C MOVE RETURNCODE FAILRETC
C MOVE REASONCODE FAILRSNC
C EXSR SNDMSG
C ELSE
C* *-----------------------*
C* * Send success message *
C* *-----------------------*
C MOVEL MSG(5) MSGTEXT
C EVAL %SUBST(MSGTEXT: 41: PATHLEN + 9) =
C %SUBST(NAME: 1: PATHLEN + 9)
C EXSR SNDMSG
C ENDIF
C*
C SETON LR
C*
C**************************************************************
C* Subroutine to send a message
C**************************************************************
C SNDMSG BEGSR
C CALL 'QMHSNDPM'
C PARM MESSAGEID
C PARM MESSAGEFILE
C PARM MSGTEXT
C PARM MSGLENGTH
C PARM MSGTYPE
C PARM STACKENTRY
C PARM STACKCOUNTER
C PARM MSGKEY
C PARM ERRCODE
C ENDSR
**
The file could not be opened.
There was an error reading from the file.
The length of the certificate is not valid.
CSNDPKR failed with return/reason codes 9999/9999.
The hash was successfully registered as</pre>
</div>
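<p>The program above derives the certificate offset (TKNINDEX) and length (CRTSECLEN) from length bytes inside the file it reads. The following Python sketch is an added example, not part of the IBM sample: it walks the same token layout described in the program comments and checks every length field against the bytes actually read before using it. The function names, the <code>TokenError</code> type, the constructed sample token, and the strict match between declared and read length are assumptions made for illustration.</p>

```python
import struct

HEADER_LEN = 8              # token header, length bytes at 0-based offsets 2-3
PRIVATE_KEY_NAME_LEN = 68   # private key name section
MAX_TOKEN_LEN = 2500        # size of the TOKEN buffer in the RPG program


class TokenError(ValueError):
    """Raised when a length field does not fit the data that was read."""


def be16(buf, offset, what):
    """Read a 2-byte big-endian length, refusing to read past the buffer."""
    if offset + 2 > len(buf):
        raise TokenError(f"{what}: length field at offset {offset} is out of range")
    return struct.unpack_from(">H", buf, offset)[0]


def certificate_section(data):
    """Return the certificate section bytes, or raise TokenError."""
    if len(data) > MAX_TOKEN_LEN:
        raise TokenError("file is larger than the 2500-byte token buffer")
    token_len = be16(data, 2, "token header")
    if token_len != len(data):  # assumption: stricter than the RPG check
        raise TokenError("declared token length does not match bytes read")
    pub_len = be16(data, HEADER_LEN + 2, "public key section")
    if pub_len < 4:
        raise TokenError("public key section shorter than its own header")
    cert_off = HEADER_LEN + pub_len + PRIVATE_KEY_NAME_LEN  # 0-based TKNINDEX
    cert_len = be16(data, cert_off + 2, "certificate section")
    if cert_len < 4 or cert_off + cert_len > token_len:
        raise TokenError("certificate section does not fit inside the token")
    return data[cert_off:cert_off + cert_len]


def build_sample_token(pub_body=b"\x11" * 20, cert_body=b"\x22" * 30):
    """Constructed test token; section identifier bytes are placeholders."""
    pub = b"\x00\x00" + struct.pack(">H", 4 + len(pub_body)) + pub_body
    name = b"\x00" * PRIVATE_KEY_NAME_LEN
    cert = b"\x00\x00" + struct.pack(">H", 4 + len(cert_body)) + cert_body
    total = HEADER_LEN + len(pub) + len(name) + len(cert)
    header = b"\x00\x00" + struct.pack(">H", total) + b"\x00" * 4
    return header + pub + name + cert
```

<p>The same three checks (length field inside the buffer, declared token length equal to the bytes read, certificate section inside the token) can be placed in the RPG program before the CSNDPKR call.</p>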
</div>
<div>
<div class="familylinks">
<div class="parentlink"><strong>Parent topic:</strong> <a href="rzajcworking.htm" title="After you set up your Cryptographic Coprocessor, you can begin writing programs to make use of your Cryptographic Coprocessor's cryptographic functions.">Manage the Cryptographic Coprocessor</a></div>
</div>
</div>
</body>
</html>