435 lines
22 KiB
HTML
435 lines
22 KiB
HTML
<?xml version="1.0" encoding="UTF-8"?>
|
|
<!DOCTYPE html
|
|
PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
|
|
<html lang="en-us" xml:lang="en-us">
|
|
<head>
|
|
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
|
|
<meta name="security" content="public" />
|
|
<meta name="Robots" content="index,follow" />
|
|
<meta http-equiv="PICS-Label" content='(PICS-1.1 "http://www.icra.org/ratingsv02.html" l gen true r (cz 1 lz 1 nz 1 oz 1 vz 1) "http://www.rsac.org/ratingsv01.html" l gen true r (n 0 s 0 v 0 l 0) "http://www.classify.org/safesurf/" l gen true r (SS~~000 1))' />
|
|
<meta name="DC.Type" content="reference" />
|
|
<meta name="DC.Title" content="Example: Encrypting data with your Cryptographic Coprocessor" />
|
|
<meta name="abstract" content="Change this program example to suit your needs for encrypting data with your Cryptographic Coprocessor." />
|
|
<meta name="description" content="Change this program example to suit your needs for encrypting data with your Cryptographic Coprocessor." />
|
|
<meta name="DC.Relation" scheme="URI" content="rzajcciphering.htm" />
|
|
<meta name="copyright" content="(C) Copyright IBM Corporation 2006" />
|
|
<meta name="DC.Rights.Owner" content="(C) Copyright IBM Corporation 2006" />
|
|
<meta name="DC.Format" content="XHTML" />
|
|
<meta name="DC.Identifier" content="encfiletxt" />
|
|
<meta name="DC.Language" content="en-us" />
|
|
<!-- All rights reserved. Licensed Materials Property of IBM -->
|
|
<!-- US Government Users Restricted Rights -->
|
|
<!-- Use, duplication or disclosure restricted by -->
|
|
<!-- GSA ADP Schedule Contract with IBM Corp. -->
|
|
<link rel="stylesheet" type="text/css" href="./ibmdita.css" />
|
|
<link rel="stylesheet" type="text/css" href="./ic.css" />
|
|
<title>Example: Encrypting data with your Cryptographic Coprocessor</title>
|
|
</head>
|
|
<body id="encfiletxt"><a name="encfiletxt"><!-- --></a>
|
|
<!-- Java sync-link --><script language="Javascript" src="../rzahg/synch.js" type="text/javascript"></script>
|
|
<h1 class="topictitle1">Example: Encrypting data with your Cryptographic Coprocessor</h1>
|
|
<div><p>Change this program example to suit your needs for encrypting data
|
|
with your Cryptographic Coprocessor.</p>
|
|
<div class="section"><div class="note"><span class="notetitle">Note:</span> Read the <a href="codedisclaimer.htm#codedisclaimer">Code license and disclaimer information</a> for
|
|
important legal information.<p>If you choose to use this program example,
|
|
change it to suit your specific needs. For security reasons, IBM<sup>®</sup> recommends
|
|
that you individualize these program examples rather than using the default
|
|
values provided.</p>
|
|
</div>
|
|
</div>
|
|
<div class="example"> <pre>/*-------------------------------------------------------------------*/
|
|
/* */
|
|
/* Sample C program for enciphering data in a file. */
|
|
/* */
|
|
/* COPYRIGHT 5769-SS1 (c) IBM Corp 1999 */
|
|
/* */
|
|
/* This material contains programming source code for your */
|
|
/* consideration. These examples have not been thoroughly */
|
|
/* tested under all conditions. IBM, therefore, cannot */
|
|
/* guarantee or imply reliability, serviceability, or function */
|
|
/* of these programs. All programs contained herein are */
|
|
/* provided to you "AS IS". THE IMPLIED WARRANTIES OF */
|
|
/* MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE */
|
|
/* EXPRESSLY DISCLAIMED. IBM provides no program services for */
|
|
/* these programs and files. */
|
|
/* */
|
|
/* Parameters: */
|
|
/* char * key label, 1 to 64 characters */
|
|
/* char * input file name, 1 to 21 characters (lib/file) */
|
|
/* char * output file name, 1 to 21 characters (lib/file) */
|
|
/* */
|
|
/* Example: */
|
|
/* CALL PGM(ENCFILE) PARM( 'MY.KEY.LABEL' 'QGPL/MYDATA' + */
|
|
/* 'QGPL/CRYPTDATA' ) */
|
|
/* */
|
|
/* Note: This program assumes the device you want to use is */
|
|
/* already identified either by defaulting to the CRP01 */
|
|
/* device or has been explicitly named using the */
|
|
/* Cryptographic_Resource_Allocate verb. Also this */
|
|
/* device must be varied on and you must be authorized */
|
|
/* to use this device description. */
|
|
/* */
|
|
/* This program assumes the key store file you will use is */
|
|
/* already identifed either by being specified on the */
|
|
/* cryptographic device or has been previously named */
|
|
/* using the Key_Store_Designate verb. Also you must be */
|
|
/* authorized to add and update records in this file. */
|
|
/* */
|
|
/* The output file should NOT have key fields since all */
|
|
/* data in the file will be encrypted and therefore trying */
|
|
/* to sort the data will be meaningless. */
|
|
/* (This is NOT checked by the program) */
|
|
/* */
|
|
/* Use the following commands to compile this program: */
|
|
/* ADDLIBLE LIB(QCCA) */
|
|
/* CRTCMOD MODULE(ENCFILE) SRCFILE(SAMPLE) */
|
|
/* CRTPGM PGM(ENCFILE) MODULE(ENCFILE) + */
|
|
/* BNDSRVPGM(QCCA/CSNBENC) */
|
|
/* */
|
|
/* Note: authority to the CSNBENC service program in the */
|
|
/* QCCA library is assumed. */
|
|
/* */
|
|
/* Common Cryptographic Architecture (CCA) verbs used: */
|
|
/* Encipher (CSNBENC) */
|
|
/* */
|
|
/*-------------------------------------------------------------------*/
|
|
|
|
|
|
/*-------------------------------------------------------------------*/
|
|
/* Retrieve various structures/utilities that are used in program. */
|
|
/*-------------------------------------------------------------------*/
|
|
|
|
#include <stdio.h> /* Standard I/O header. */
|
|
#include <stdlib.h> /* General utilities. */
|
|
#include <stddef.h> /* Standard definitions. */
|
|
#include <string.h> /* String handling utilities. */
|
|
#include "csucincl.h" /* header file for CCA Cryptographic
|
|
Service Provider */
|
|
|
|
/*-------------------------------------------------------------------*/
|
|
/* Declares for working with files. */
|
|
/*-------------------------------------------------------------------*/
|
|
#include <xxfdbk.h> /* Feedback area structures. */
|
|
#include <recio.h> /* Record I/O routines */
|
|
_RFILE *dbfptr; /* Pointer to database file. */
|
|
_RFILE *dbfptre; /* Pointer to database file. */
|
|
_RIOFB_T *db_fdbk; /* I/O Feedback - data base file */
|
|
_XXOPFB_T *db_opfb;
|
|
_XXOPFB_T *db_opfbe;
|
|
|
|
|
|
/*-------------------------------------------------------------------*/
|
|
/* Declares for working with user space objects. */
|
|
/*-------------------------------------------------------------------*/
|
|
#include "qusptrus.h"
|
|
#include "quscrtus.h"
|
|
#include "qusdltus.h"
|
|
#define USSPC_ATTR "PF "
|
|
#define USSPC_INIT_VAL 0x40
|
|
#define USSPC_AUTH "*EXCLUDE "
|
|
#define USSPC_TEXT "Sample user space"
|
|
#define USSPC_REPLACE "*YES "
|
|
|
|
char space_name[21] = "PLAINTXT QTEMP "; /* Name of user
|
|
space for plain text */
|
|
char cipher_name[21] = "CIPHER QTEMP "; /* Name for user
|
|
space containing ciphertext */
|
|
|
|
struct { /* Error code structure required for */
|
|
/* the User Space API's. */
|
|
int in_len; /* the length of the error code. */
|
|
int out_len; /* the length of the exception data. */
|
|
char excp_id[7]; /* the Exception ID. */
|
|
char rev; /* Reserved Field. */
|
|
char excp_data[120]; /* the output data associated */
|
|
} error_code; /* the exception ID. */
|
|
|
|
char ext_atr[11] = USSPC_ATTR; /* Space attribute */
|
|
char initial_val = USSPC_INIT_VAL;
|
|
/* Space initial value */
|
|
char auth[11] = USSPC_AUTH;
|
|
/* Space authority */
|
|
char desc[51] = USSPC_TEXT;
|
|
/* Space text */
|
|
char replace[11] = USSPC_REPLACE;
|
|
/*Space replace attribute*/
|
|
|
|
/*-------------------------------------------------------------------*/
|
|
/* Start of mainline code. */
|
|
/*-------------------------------------------------------------------*/
|
|
int main(int argc, char *argv[])
|
|
{
|
|
|
|
/*-------------------------------------------------------------------*/
|
|
/* standard return codes */
|
|
/*-------------------------------------------------------------------*/
|
|
|
|
#define ERROR -1
|
|
#define OK 0
|
|
|
|
/*-------------------------------------------------------------------*/
|
|
/* standard CCA parameters */
|
|
/*-------------------------------------------------------------------*/
|
|
|
|
long return_code;
|
|
long reason_code;
|
|
long exit_data_length;
|
|
char exit_data[2];
|
|
long rule_array_count;
|
|
|
|
char *user_space_ptr;
|
|
char *user_space;
|
|
char *cipher_spc;
|
|
long file_bytes;
|
|
long i;
|
|
long j;
|
|
char key_label[64];
|
|
|
|
long text_len, pad_character;
|
|
char initial_vector[8];
|
|
char chaining_vector[18];
|
|
|
|
/*-------------------------------------------------------------------*/
|
|
/* Open database files. */
|
|
/*-------------------------------------------------------------------*/
|
|
|
|
if (argc < 4) /* were the correct number
|
|
of parameters passed? */
|
|
|
|
{
|
|
printf("This program needs 3 parameters - ");
|
|
printf("key label, input file name, output file name\n");
|
|
|
|
return ERROR;
|
|
}
|
|
|
|
else
|
|
{
|
|
|
|
file_bytes = 0; /* Set initial number of
|
|
bytes to encipher to 0 */
|
|
|
|
/* Open the input file. If the file pointer, dbfptr is not
|
|
NULL, then the file was successfully opened. */
|
|
|
|
if (( dbfptr = _Ropen(argv[2], "rr riofb=n"))
|
|
!= NULL)
|
|
{
|
|
|
|
/*-------------------------------------------------------------------*/
|
|
/* Determine the number of bytes that will be enciphered. */
|
|
/*-------------------------------------------------------------------*/
|
|
db_opfb = _Ropnfbk( dbfptr ); /* Get pointer to the File
|
|
open feedback area. */
|
|
|
|
file_bytes = db_opfb->num_records *
|
|
db_opfb->pgm_record_len
|
|
+ 1; /* 1 is added to prevent an
|
|
end of space error */
|
|
|
|
j = db_opfb->num_records; /* Save number of records*/
|
|
/*----------------------------------------------------------------*/
|
|
/* Create user space and get pointer to it. */
|
|
/*----------------------------------------------------------------*/
|
|
error_code.in_len = 136; /* Set length of error */
|
|
/* structure. */
|
|
QUSDLTUS(space_name,&error_code); /* Delete the user space
|
|
if it already exists. */
|
|
|
|
/* Create the plaintext user space object */
|
|
QUSCRTUS(space_name,ext_atr,file_bytes,
|
|
&initial_val,auth,
|
|
desc, replace,&error_code);
|
|
|
|
error_code.in_len = 48; /* Set length of error
|
|
structure */
|
|
|
|
QUSPTRUS(space_name, /* Retrieve a pointer to */
|
|
(void *)&user_space, /* the user space. */
|
|
(char*)&error_code);
|
|
|
|
user_space_ptr = user_space; /* Make copy of pointer */
|
|
|
|
error_code.in_len = 136; /* Set length of error */
|
|
/* structure. */
|
|
QUSDLTUS(cipher_name,&error_code); /* Delete cipher space
|
|
if already exists. */
|
|
|
|
/* Create ciphertext user space object */
|
|
QUSCRTUS(cipher_name,ext_atr,
|
|
file_bytes,&initial_val,auth,
|
|
desc, replace,&error_code);
|
|
|
|
error_code.in_len = 48; /* Set length of error */
|
|
/* structure */
|
|
QUSPTRUS(cipher_name, /* Retrieve pointer to */
|
|
(void *)&cipher_spc, /* ciphertext user space */
|
|
(char*)&error_code);
|
|
|
|
/*----------------------------------------------------------------*/
|
|
/* Read file and fill space */
|
|
/*----------------------------------------------------------------*/
|
|
for (i=1; i<=j; i++) /* Repeat for each record */
|
|
{
|
|
/* Read a record and place in user space. */
|
|
db_fdbk = _Rreadn(dbfptr, user_space_ptr,
|
|
db_opfb->pgm_record_len, __DFT);
|
|
|
|
/* Move the user space ahead the length of a record */
|
|
user_space_ptr = user_space_ptr +
|
|
db_opfb->pgm_record_len;
|
|
}
|
|
|
|
if (dbfptr != NULL) /* Close the file. */
|
|
_Rclose(dbfptr);
|
|
/*----------------------------------------------------------------*/
|
|
/* Encrypt data in space */
|
|
/*----------------------------------------------------------------*/
|
|
|
|
memset((char *)key_label,' ',64); /* Initialize key label
|
|
to all blanks. */
|
|
memcpy((char *)key_label, /* Copy key label parm */
|
|
argv[1],strlen(argv[1]));
|
|
|
|
text_len = file_bytes - 1;
|
|
rule_array_count = 1;
|
|
pad_character = 40;
|
|
exit_data_length = 0;
|
|
memset((char *)initial_vector,'\0',8);
|
|
|
|
/* Encipher data in ciphertext user space */
|
|
CSNBENC(&return_code,
|
|
&reason_code,
|
|
&exit_data_length,
|
|
exit_data,
|
|
key_label,
|
|
&text_len,
|
|
user_space,
|
|
initial_vector,
|
|
&rule_array_count,
|
|
"CBC ", /* rule_array */
|
|
&pad_character,
|
|
chaining_vector,
|
|
cipher_spc );
|
|
|
|
if (return_code == 0) {
|
|
/*----------------------------------------------------------------*/
|
|
/* Open output file */
|
|
/*----------------------------------------------------------------*/
|
|
if (( dbfptre = _Ropen(argv[3],
|
|
"wr riofb=n")) != NULL)
|
|
{
|
|
db_opfbe = _Ropnfbk( dbfptr ); /* Get pointer to
|
|
the File open feedback
|
|
area. */
|
|
if(text_len % db_opfbe->pgm_record_len != 0)
|
|
{
|
|
printf("encrypted data will not fit into ");
|
|
printf("an even number of records\n");
|
|
|
|
if (dbfptre != NULL) /* Close the file. */
|
|
_Rclose(dbfptre);
|
|
|
|
/*--------------------------------------------*/
|
|
/* Delete both user spaces. */
|
|
/*--------------------------------------------*/
|
|
error_code.in_len = 136; /* Set length of
|
|
error structure. */
|
|
QUSDLTUS(space_name,&error_code); /* Delete the
|
|
user space */
|
|
QUSDLTUS(cipher_name,&error_code); /* Delete
|
|
ciphertext space */
|
|
|
|
return ERROR;
|
|
}
|
|
|
|
/*----------------------------------------------------------------*/
|
|
/* Write data from space to file. */
|
|
/*----------------------------------------------------------------*/
|
|
user_space_ptr = cipher_spc; /* Save pointer to
|
|
cipher space. */
|
|
|
|
j = text_len / db_opfbe->pgm_record_len; /* find
|
|
how many records
|
|
are needed to store
|
|
result in output
|
|
file */
|
|
for (i=1; i<=j; i++) /* Repeat for each
|
|
record */
|
|
{
|
|
/* Write data to output file */
|
|
db_fdbk = _Rwrite(dbfptre, user_space_ptr,
|
|
db_opfbe->pgm_record_len);
|
|
|
|
/* Advance pointer ahead the length of a record */
|
|
user_space_ptr = user_space_ptr +
|
|
db_opfbe->pgm_record_len;
|
|
}
|
|
if (dbfptre != NULL) /* Close the file */
|
|
_Rclose(dbfptre);
|
|
|
|
} /* end of open open
|
|
output file */
|
|
else
|
|
{
|
|
printf("Output file %s could not be opened\n",
|
|
argv[3]);
|
|
|
|
/*--------------------------------------------*/
|
|
/* Delete both user spaces. */
|
|
/*--------------------------------------------*/
|
|
error_code.in_len = 136; /* Set length of
|
|
error structure. */
|
|
QUSDLTUS(space_name,&error_code); /* Delete the
|
|
user space */
|
|
QUSDLTUS(cipher_name,&error_code); /* Delete
|
|
ciphertext space */
|
|
return ERROR;
|
|
}
|
|
|
|
} /* If return code = 0 */
|
|
else
|
|
{
|
|
printf("Bad return/reason code : %d/%d \n",
|
|
return_code,reason_code);
|
|
/*--------------------------------------------*/
|
|
/* Delete both user spaces. */
|
|
/*--------------------------------------------*/
|
|
error_code.in_len = 136; /* Set length of
|
|
error structure. */
|
|
QUSDLTUS(space_name,&error_code); /* Delete the
|
|
user space */
|
|
QUSDLTUS(cipher_name,&error_code); /* Delete
|
|
ciphertext space */
|
|
return ERROR;
|
|
}
|
|
|
|
/*----------------------------------------------------------------*/
|
|
/* Delete both user spaces. */
|
|
/*----------------------------------------------------------------*/
|
|
error_code.in_len = 136; /* Set length of
|
|
error structure. */
|
|
QUSDLTUS(space_name,&error_code); /* Delete the user
|
|
space */
|
|
QUSDLTUS(cipher_name,&error_code); /* Delete ciphertext
|
|
space */
|
|
|
|
} /* End of open
|
|
input file */
|
|
else
|
|
{
|
|
printf("Input file %s could not be opened\n", argv[2]);
|
|
return ERROR;
|
|
}
|
|
} /* argv[] == null */
|
|
return OK;
|
|
}</pre>
|
|
</div>
|
|
</div>
|
|
<div>
|
|
<div class="familylinks">
|
|
<div class="parentlink"><strong>Parent topic:</strong> <a href="rzajcciphering.htm" title="One of the more practical uses for your Cryptographic Coprocessor is encrypting and decrypting data files.">Encrypt or decrypt a file</a></div>
|
|
</div>
|
|
</div>
|
|
</body>
|
|
</html> |