352 lines
19 KiB
HTML
352 lines
19 KiB
HTML
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 3.2 Final//EN">
|
|
<html>
|
|
<head>
|
|
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
|
|
<meta name="Copyright" content="Copyright (c) 2006 by IBM Corporation">
|
|
<title>Example in ILE C: Reading encrypted data from a file</title>
|
|
<!-- All rights reserved. Licensed Materials Property of IBM -->
|
|
<!-- US Government Users Restricted Rights -->
|
|
<!-- Use, duplication or disclosure restricted by -->
|
|
<!-- GSA ADP Schedule Contract with IBM Corp. -->
|
|
<!-- Change History: -->
|
|
<!-- YYMMDD USERID Change description -->
|
|
<link rel="stylesheet" type="text/css" href="../rzahg/ic.css">
|
|
</head>
|
|
<body>
|
|
<!-- Java sync-link-->
|
|
<script type="text/javascript" language="Javascript" src="../rzahg/synch.js">
|
|
</script>
|
|
|
|
<h2>Example in ILE C: Reading encrypted data from a file</h2>
|
|
<p>See <a href="../apiref/aboutapis.htm#codedisclaimer">Code disclaimer information</a>
|
|
for information pertaining to code examples.</p>
|
|
<p>Refer to <a href="qc3Scenario.htm">Scenario: Key Management and File Encryption Using the Cryptographic Services APIs</a> for a description of this scenario.</p>
|
|
<img src="delta.gif" alt="Start of change">
|
|
<pre>
|
|
/*-------------------------------------------------------------------*/
|
|
/* */
|
|
/* Sample C program: Bill_Cus */
|
|
/* */
|
|
/* COPYRIGHT 5722-SS1 (c) IBM Corp 2004, 2006 */
|
|
/* */
|
|
/* This material contains programming source code for your */
|
|
/* consideration. These examples have not been thoroughly */
|
|
/* tested under all conditions. IBM, therefore, cannot */
|
|
/* guarantee or imply reliability, serviceability, or function */
|
|
/* of these programs. All programs contained herein are */
|
|
/* provided to you "AS IS". THE IMPLIED WARRANTIES OF */
|
|
/* MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE */
|
|
/* EXPRESSLY DISCLAIMED. IBM provides no program services for */
|
|
/* these programs and files. */
|
|
/* */
|
|
/* Description: */
|
|
/* This is a sample program to demonstrate use of the Cryptographic */
|
|
/* Services APIs. APIs demonstrated in this program are: */
|
|
/* Create Algorithm Context */
|
|
/* Create Key Context */
|
|
/* Decrypt Data */
|
|
/* Destroy Key Context */
|
|
/* Destroy Algorithm Context */
|
|
/* */
|
|
/* Function: */
|
|
/* For each record in the Customer Data file (CUSDTA), check the */
|
|
/* accounts receivable balance. If there is a balance, decrypt the */
|
|
/* customer's data and call Bill_Cus to create a bill. The customer*/
|
|
/* data is encrypted with a file key kept in the Customer Processing*/
|
|
/* Information file (CUSPI). */
|
|
/* */
|
|
/* Refer to the iSeries (TM) Information Center for a full */
|
|
/* description of this scenario. */
|
|
/* */
|
|
/* Use the following commands to compile this program: */
|
|
/* CRTCMOD MODULE(MY_LIB/BILL_CUS) SRCFILE(MY_LIB/MY_SRC) */
|
|
/* CRTSRVPGM SRVPGM(MY_LIB/BILL_CUS) + */
|
|
/* MODULE(MY_LIB/BILL_CUS MY_LIB/CREATE_BILL) + */
|
|
/* BNDSRVPGM(QC3CTX QC3PRNG QC3DTADE) */
|
|
/* */
|
|
/*-------------------------------------------------------------------*/
|
|
|
|
/*-------------------------------------------------------------------*/
|
|
/* Retrieve various structures/utilities. */
|
|
/*-------------------------------------------------------------------*/
|
|
|
|
#include <stdio.h> /* Standard I/O header */
|
|
#include <stdlib.h> /* General utilities */
|
|
#include <stddef.h> /* Standard definitions */
|
|
#include <string.h> /* String handling utilities */
|
|
#include <recio.h> /* Record I/O routines */
|
|
#include <qusec.h> /* Error code structure */
|
|
#include <qc3ctx.h> /* Hdr file for Context APIs */
|
|
#include <qc3dtade.h> /* Hdr file for Decrypt Dta API*/
|
|
|
|
/*-------------------------------------------------------------------*/
|
|
/* The following structures were generated with GENCSRC. */
|
|
/*-------------------------------------------------------------------*/
|
|
|
|
#ifdef __cplusplus
|
|
#include <bcd.h>
|
|
#else
|
|
#include <decimal.h>
|
|
#endif
|
|
/* ------------------------------------------------------- *
|
|
// PHYSICAL FILE : MY_LIB/CUSPI
|
|
// FILE LAST CHANGE DATE : 2004/02/11
|
|
// RECORD FORMAT : CUSPIREC
|
|
// FORMAT LEVEL IDENTIFIER : 248C15A88E09C
|
|
* ------------------------------------------------------- */
|
|
typedef _Packed struct {
|
|
char KEY[16]; /* ENCRYPTION KEY */
|
|
|
|
#ifndef __cplusplus
|
|
decimal( 8, 0) LASTCUS;
|
|
#else
|
|
_DecimalT< 8, 0> LASTCUS; /* LAST CUSTOMER NUMBER */
|
|
/* BCD class SPECIFIED IN DDS */
|
|
#endif
|
|
} CUSPIREC_both_t;
|
|
|
|
/* ------------------------------------------------------- *
|
|
// PHYSICAL FILE : MY_LIB/CUSDTA
|
|
// FILE LAST CHANGE DATE : 2004/02/11
|
|
// RECORD FORMAT : CUSDTAREC
|
|
// FORMAT LEVEL IDENTIFIER : 434C857F6F5B3
|
|
* ------------------------------------------------------- */
|
|
typedef _Packed struct {
|
|
|
|
#ifndef __cplusplus
|
|
decimal( 8, 0) CUSNUM;
|
|
#else
|
|
_DecimalT< 8, 0> CUSNUM; /* CUSTOMER NUMBER */
|
|
/* BCD class SPECIFIED IN DDS */
|
|
#endif
|
|
char IV[16]; /* INITIALIZATION VECTOR */
|
|
|
|
#ifndef __cplusplus
|
|
decimal(10, 2) ARBAL;
|
|
#else
|
|
_DecimalT<10, 2> ARBAL; /* ACCOUNTS RECEIVABLE BALANCE */
|
|
/* BCD class SPECIFIED IN DDS */
|
|
#endif
|
|
char ECUSDTA[80]; /* ENCRYPTED CUSTOMER DATA */
|
|
} CUSDTAREC_both_t;
|
|
|
|
/*-------------------------------------------------------------------*/
|
|
/* Function declarations */
|
|
/*-------------------------------------------------------------------*/
|
|
|
|
/* Create a bill */
|
|
void Create_Bill(char *customerData, decimal(10, 2) balance);
|
|
|
|
/*-------------------------------------------------------------------*/
|
|
/* Start of mainline code. */
|
|
/*-------------------------------------------------------------------*/
|
|
|
|
int Bill_Cus()
|
|
{
|
|
|
|
/*-------------------------------------------------------------------*/
|
|
/* Return codes */
|
|
/*-------------------------------------------------------------------*/
|
|
|
|
int rtn; /* Return code */
|
|
#define ERROR -1
|
|
#define OK 0
|
|
|
|
/*-------------------------------------------------------------------*/
|
|
/* File handling variables */
|
|
/*-------------------------------------------------------------------*/
|
|
|
|
_RFILE *cuspiPtr; /* Pointer to CUSPI file */
|
|
_RFILE *cusdtaPtr; /* Pointer to CUSDTA file */
|
|
CUSPIREC_both_t cuspi; /* CUSPI record */
|
|
CUSDTAREC_both_t cusdta; /* CUSDTA record */
|
|
|
|
/*-------------------------------------------------------------------*/
|
|
/* Parameters needed by the Cryptographic Services APIs */
|
|
/*-------------------------------------------------------------------*/
|
|
|
|
Qus_EC_t errCode; /* Error code structure */
|
|
char csp; /* Crypto service provider */
|
|
Qc3_Format_ALGD0200_T algD; /* Block cipher alg description*/
|
|
char AESctx[8]; /* AES alg context token */
|
|
int keySize; /* Key size */
|
|
char keyFormat; /* Key format */
|
|
int keyType; /* Key type */
|
|
char keyForm; /* Key form */
|
|
int keyStringLen; /* Length of key string */
|
|
Qc3_Format_KEYD0400_T kskey; /* Key store structure */
|
|
char KEKctx[8]; /* KEK key context token */
|
|
char FKctx[8]; /* File key context token */
|
|
char pcusdta[80]; /* Plaintext customer data */
|
|
int cipherLen; /* Length of ciphertext */
|
|
int plainLen; /* Length of plaintext */
|
|
int rtnLen; /* Return length */
|
|
|
|
/*-------------------------------------------------------------------*/
|
|
/* Initializations */
|
|
/*-------------------------------------------------------------------*/
|
|
|
|
/* Set to generate exceptions */
|
|
memset(&errCode, 0, sizeof(errCode));
|
|
/* Use any crypto provider */
|
|
csp = Qc3_Any_CSP;
|
|
|
|
/*-------------------------------------------------------------------*/
|
|
/* Create an AES algorithm context for the key-encrypting key (KEK). */
|
|
/*-------------------------------------------------------------------*/
|
|
|
|
memset(&algD, 0, sizeof(algD)); /* Init alg description to null*/
|
|
algD.Block_Cipher_Alg = Qc3_AES; /* Set AES algorithm */
|
|
algD.Block_Length = 16; /* Block size is 16 */
|
|
algD.Mode = Qc3_CBC; /* Use cipher block chaining */
|
|
algD.Pad_Option = Qc3_No_Pad; /* Do not pad */
|
|
/* Create algorithm context */
|
|
Qc3CreateAlgorithmContext((unsigned char *)&algD,
|
|
Qc3_Alg_Block_Cipher, AESctx, &errCode);
|
|
|
|
/*-------------------------------------------------------------------*/
|
|
/* Create a key context for the key-encrypting key (KEK). */
|
|
/*-------------------------------------------------------------------*/
|
|
|
|
keyFormat = Qc3_KSLabel_Struct; /* Key format is keystore label*/
|
|
keyStringLen = sizeof(kskey); /* Length of key string */
|
|
keyType = Qc3_AES; /* Key type is AES */
|
|
keyForm = Qc3_Clear; /* Key string is clear */
|
|
memset(&kskey, 0, sizeof(kskey)); /* Init name structure to null */
|
|
/* Set key store file name */
|
|
memset(kskey.Key_Store, 0x40, sizeof(kskey.Key_Store));
|
|
memcpy(kskey.Key_Store,"CUSKEYFILEMY_LIB", 16);
|
|
/* Set key store label */
|
|
memset(kskey.Record_Label, 0x40, sizeof(kskey.Record_Label));
|
|
memcpy(kskey.Record_Label, "CUSDTAKEK", 9);
|
|
/* Create key context */
|
|
Qc3CreateKeyContext((char*)&kskey, &keyStringLen, &keyFormat, &keyType,
|
|
&keyForm, NULL, NULL, KEKctx, &errCode);
|
|
|
|
/*-------------------------------------------------------------------*/
|
|
/* Open Customer Processing Information file (CUSPI). */
|
|
/* Read first record to obtain the encrypted file key. */
|
|
/*-------------------------------------------------------------------*/
|
|
|
|
/* Open CUSPI file */
|
|
if ((cuspiPtr = _Ropen("MY_LIB/CUSPI", "rr, arrseq=Y, riofb=N"))
|
|
== NULL)
|
|
{ /* If null ptr returned */
|
|
/* Send error message */
|
|
printf("Open of Customer Processing Information file (CUSPI) failed.");
|
|
return ERROR; /* Return with error */
|
|
}
|
|
/* Read the first(only) record */
|
|
/* to get encrypted file key. */
|
|
if ((_Rreadf(cuspiPtr, &cuspi, sizeof(cuspi), __DFT))->num_bytes
|
|
== EOF)
|
|
{ /* If record not found */
|
|
/* Send error message */
|
|
printf("Customer Processing Information (CUSPI) record missing.");
|
|
_Rclose(cuspiPtr); /* Close CUSPI file */
|
|
return ERROR; /* Return with error */
|
|
}
|
|
|
|
/*-------------------------------------------------------------------*/
|
|
/* Create a key context for the file key. */
|
|
/*-------------------------------------------------------------------*/
|
|
|
|
keySize = sizeof(cuspi.KEY); /* Key size */
|
|
keyFormat = Qc3_Bin_String; /* Key format is binary string */
|
|
keyType = Qc3_AES; /* Key type is AES */
|
|
keyForm = Qc3_Encrypted; /* Key is encrypted with a KEK */
|
|
/* Create key context */
|
|
Qc3CreateKeyContext(cuspi.KEY, &keySize, &keyFormat, &keyType,
|
|
&keyForm, KEKctx, AESctx, FKctx, &errCode);
|
|
|
|
/*-------------------------------------------------------------------*/
|
|
/* Wipe out the encryptd file key value from program storage and */
|
|
/* close the CUSPI file. */
|
|
/*-------------------------------------------------------------------*/
|
|
|
|
/* Wipe out encrypted file key */
|
|
memset(cuspi.KEY, 0, sizeof(cuspi.KEY));
|
|
_Rclose(cuspiPtr); /* Close CUSPI file */
|
|
|
|
/*-------------------------------------------------------------------*/
|
|
/* Open Customer Data file. */
|
|
/*-------------------------------------------------------------------*/
|
|
|
|
/* Open CUSDTA file */
|
|
if ((cusdtaPtr = _Ropen("MY_LIB/CUSDTA", "rr, arrseq=Y, riofb=N"))
|
|
== NULL)
|
|
{ /* If null ptr returned */
|
|
/* Send error message */
|
|
printf("Open of CUSDTA file failed.");
|
|
return ERROR;
|
|
}
|
|
|
|
/*-------------------------------------------------------------------*/
|
|
/* Read each record of CUSDTA. */
|
|
/*-------------------------------------------------------------------*/
|
|
|
|
/* Read next record in file */
|
|
/* while not End-Of-File */
|
|
while ((_Rreadn(cusdtaPtr, &cusdta, sizeof(cusdta), __DFT))->num_bytes
|
|
!= EOF)
|
|
{
|
|
|
|
/*-------------------------------------------------------------------*/
|
|
/* If accounts receivable balance > 0, decrypt customer data and */
|
|
/* create a bill for the customer. */
|
|
/*-------------------------------------------------------------------*/
|
|
|
|
if (cusdta.ARBAL > 0)
|
|
{
|
|
/* Copy IV to alg description */
|
|
memcpy(algD.Init_Vector, cusdta.IV, 16);
|
|
|
|
/* Decrypt customer data */
|
|
cipherLen = sizeof(cusdta.ECUSDTA);
|
|
plainLen = sizeof(pcusdta);
|
|
Qc3DecryptData(cusdta.ECUSDTA, &cipherLen,
|
|
(char*)&algD, Qc3_Alg_Block_Cipher,
|
|
FKctx, Qc3_Key_Token,
|
|
&csp, NULL, pcusdta, &plainLen, &rtnLen,
|
|
&errCode);
|
|
|
|
/* Create bill */
|
|
Create_Bill(pcusdta, cusdta.ARBAL);
|
|
}
|
|
}
|
|
|
|
/*-------------------------------------------------------------------*/
|
|
/* Cleanup. */
|
|
/*-------------------------------------------------------------------*/
|
|
|
|
/* Clear plaintext data */
|
|
memset(&pcusdta, 0, sizeof(pcusdta));
|
|
/* Destroy file key context */
|
|
Qc3DestroyKeyContext(FKctx, &errCode);
|
|
/* Destroy KEK context */
|
|
Qc3DestroyKeyContext(KEKctx, &errCode);
|
|
/* Destroy the alg context */
|
|
Qc3DestroyAlgorithmContext(AESctx, &errCode);
|
|
/* Close CUSDTA file */
|
|
_Rclose(cusdtaPtr);
|
|
/* Return successful */
|
|
return OK;
|
|
|
|
}
|
|
</pre>
|
|
<p><img src="deltaend.gif" alt="End of change"></p>
|
|
<br>
|
|
<hr>
|
|
<center>
|
|
<table cellpadding="2" cellspacing="2">
|
|
<tr align="center">
|
|
<td valign="middle" align="center"><a href="#Top_Of_Page">Top</a> |
|
|
<a href= "catcrypt.htm">Cryptographic Services APIs</a> |<a href=
|
|
"aplist.htm">APIs by category</a></td>
|
|
</tr>
|
|
</table>
|
|
</center>
|
|
</body>
|
|
</html>
|
|
|