I do have this installed on my box:
5722AC3 *INSTALLED Crypto Access Provider 128-bit
Where can I get examples of source that uses it? I basically need to
encrypt one field within a file.
TIA
-----Original Message-----
From: midrange-l-bounces@xxxxxxxxxxxx
[mailto:midrange-l-bounces@xxxxxxxxxxxx] On Behalf Of Stephen Landess
Sent: Thursday, May 17, 2007 11:06 AM
To: midrange-l@xxxxxxxxxxxx
Subject: Re: Data Encryption
In order to use the cryptographic APIs, you need to have Cryptographic Access Provider 128-bit 5722-AC3 for iSeries installed. Otherwise, the
API call will fail with a message that says "Text not available for message CPF9DFF file QCPFMSG."
- Steve
From: MWHopkins@xxxxxxxxxxxxxxx
Reply-To: Midrange Systems Technical Discussion <midrange-l@xxxxxxxxxxxx>
To: midrange-l@xxxxxxxxxxxx
Subject: Re: Data Encryption
Date: Thu, 17 May 2007 10:16:03 -0400
Here is a program/procedure I picked up somewhere along the line that will
encrypt/decrypt a string that you pass in to it. I think that most of the
code is self explanatory. The only thing I don't like about it is that the
key string is hard coded in the program. I think you have to have the
cryptographic services installed on the iSeries. Not sure if it is always
included now or not.
D*******************************************************************
* CRTRPGMOD DECRYPTDTA
* BNDSRVPGM(QC3DTAEN QC3PRNG)
*
* Encrypt Data (OPM, QC3ENCDT; ILE, Qc3EncryptData) API
* Service Program Name: QC3DTAEN
* Decrypt Data (OPM, QC3DECDT; ILE, Qc3DecryptData) API
* Service Program Name: QC3DTADE
Hdatedit(*ymd) datfmt(*ymd) debug(*yes) timfmt(*hms)
/If defined(SrvPgm)
Hnomain
D Encryption PR 1N
D ClearData 32767a Varying
D EncryptData 32767a Varying
D Processing 1a
* -----------------------------------------------------------
* CALL QMHRMVPM to remove all messages from passed program queue
* always return *OFF
* -----------------------------------------------------------
P Encryption B Export
D Encryption PI 1N
D ClearData 32767a Varying
D EncryptData 32767a Varying
D Processing 1a
/Endif
*/copy qsysinc/qrpglesrc.QC3CCI
D*Data definitions
D*******************************************************************
D*ALGD0200 algorithm description structure
DQC3D0200 DS
D* Qc3 Format ALGD0200
D QC3BCA 1 4B 0
D* Block Cipher Alg
D QC3BL 5 8B 0
D* Block Length
D QC3MODE 9 9
D* Mode
D QC3PO 10 10
D* Pad Option
D QC3PC 11 11
D* Pad Character
D QC3ERVED 12 12
D* Reserved
D QC3MACL 13 16B 0
D* MAC Length
D QC3EKS 17 20B 0
D* Effective Key Size
D QC3IV 21 52
D* Init Vector
D*ALGD0300 algorithm description structure
DQC3D0300 DS
D* Qc3 Format ALGD0300
D QC3SCA 1 4B 0
D* Stream Cipher Alg
D*ALGD0400 algorithm description structure
DQC3D0400 DS
D* Qc3 Format ALGD0400
D QC3PKA 1 4B 0
D* Public Key Alg
D QC3PKABF 5 5
D* PKA Block Format
D QC3ERVED00 6 8
D* Reserved
D QC3SHA 9 12B 0
D* Signing Hash Alg
D*ALGD0500 algorithm description structure
DQC3D0500 DS
D* Qc3 Format ALGD0500
D QC3HA 1 4B 0
D* Hash Alg
D*DATA0200 array data format structure
DQC3A0200 DS
D* Qc3 Format DATA0200
D QC3DP 1 16*
D* Data Ptr
D QC3DL 17 20B 0
D* Data Len
D QC3ERVED01 21 32
D* Reserved
D*KEYD0200 key description format structure
DQC3D020000 DS
D* Qc3 Format KEYD0200
D QC3KT 1 4B 0
D* Key Type
D QC3KSL 5 8B 0
D* Key String Len
D QC3KF 9 9
D* Key Format
D QC3ERVED02 10 12 inz(x'000000')
D* Reserved
D*QC3KS 13 13
D*
D* variable length
D*******************************************************************
* API error structure
D APIERR DS
D ERRPRV 10I 0 INZ(272)
D ERRLEN 10I 0
D EXCPID 7A
D RSRVD2 1A
D EXCPDT 256A
D
*Encrypt Data (OPM, QC3ENCDT; ILE, Qc3EncryptData) API protects
*data privacy by scrambling clear data into an unintelligible form.
D*Qc3EncryptData Pr ExtProc('Qc3EncryptData')
D Qc3EncryptData Pr ExtPgm('QC3ENCDT')
D clrDta 32767a
D clrDtaLen 10I 0
D clrDtaFmt 8
D algorithm like(QC3D0200)
D algorithmFmt 8
D key like(KeyC)
D keyFmt 8
D srvProvider 1
D deviceName 10
D encryptedData 32767a
D encryptedBufL 10I 0
D encryptedRtnL 10I 0
D errcde like(APIERR)
* Decrypt Data (OPM, QC3DECDT; ILE, Qc3DecryptData) API restores
* encrypted data to a clear (intelligible) form.
D*Qc3DecryptData Pr ExtProc('Qc3DecryptData')
D Qc3DecryptData Pr ExtPgm('QC3DECDT')
D encryptedData 32767a
D encryptedDtaL 10I 0
D algorithm like(QC3D0200)
D algorithmFmt 8
D key like(keyC)
D keyFmt 8
D srvProvider 1
D deviceName 10
D clrDta 32767a
D clrDtaBufL 10I 0
D clrDtaRtnL 10I 0
D errcde like(APIERR)
DQc3GenPRNs Pr ExtPRoc('Qc3GenPRNs')
D PrnDta 512
D PrnDtaLen 10I 0
D PrnType 1
D PrnParity 1
D errcde like(APIERR)
D PrnDta S 512
D PrnDtaLen S 10I 0
D PrnType S 1 inz('1')
D PrnParity S 1 inz('1')
D clrDta S 32767a
D clrDtaLen S 10I 0
D clrDtaFmt S 8 inz('DATA0100')
D algorithm S like(QC3D0200)
D algorithmFmt S 8 inz('ALGD0200')
D key S like(KeyC)
D keyFmt S 8 inz('KEYD0200')
D srvProvider S 1 inz('1')
D deviceName S 10 inz(*blanks)
D encryptedData S 32767a
D encryptedDtaL S 10I 0
D encryptedBufL S 10I 0
D encryptedRtnL S 10I 0
D clrDtaBufL S 10I 0
D clrDtaRtnL S 10I 0
D KeyString S 256 Inz('Put your key string in here')
D KeyC S 256
D returnCode S n
/if not defined(SrvPgm)
D ClearData s 32767a Varying
D EncryptData s 32767a Varying
D Processing s 1a
c *Entry plist
c parm ClearData
c parm EncryptData
c parm Processing
/EndIf
C Eval clrDta = ClearData
C Eval clrDtaLen = %len(%trimr(clrDta))
C Eval encryptedBufL = %size(encryptedData)
C* Block cipher algorithm
* 20 DES
* 21 Triple DES
* 22 AES
C Eval QC3BCA = 22
*Block length
* 8 DES
* 8 Triple DES
* 16 AES
C Eval QC3BL = 16
*Mode
* 0 ECB
* 1 CBC
* 2 OFB. Not valid with AES.
* 3 CFB 1-bit. Not valid with AES.
* 4 CFB 8-bit. Not valid with AES.
* 5 CFB 64-bit. Not valid with AES
C Eval QC3MODE = '1'
* Pad Option
* 0 No padding is performed.
* 1 Use the character specified in the pad character field for padding
* 2 The pad counter is used as the pad character.
C Eval QC3PO = '1'
* Pad Character
C Eval QC3PC = X'00'
* Reserved
C Eval QC3ERVED = X'00'
* MAC Length
* This field is not used on an encrypt operation and must be set to
* null (binary 0s).
C Eval QC3MACL = X'00000000'
* Effective key size
* This field must be set to 0.
C Eval QC3EKS = 0
* Initialization vector
* The initialization vector (IV). An IV is not used for mode ECB,
* and must be set to NULL (binary 0s).
C Eval QC3IV = *AllX'00'
C Reset encryptedData
C Eval encryptedBufL = %len(encryptedData)
C* Eval algorithm = %addr(QC3D0200)
C Eval algorithm = QC3D0200
* Key Type KeyFormat KeyLength
* 20 DES 0 8(7 bits used,rightmost setbit
* 21 Triple DES 0 8,16,24(7 bits used,rightmost setbit
* 22 AES 0 16,24,32
* 30 RC4-compatible 0 1<->256
* 50 RSA public 1
* 51 RSA private 1
C Eval QC3KT = 22
* Key Format
C Eval QC3KF = '0'
* Key String
C* Eval KeyString = '12345678'
C* Eval PrnDtaLen = 8
C* callP Qc3GenPRNs(
C* PrnDta :
C* PrnDtaLen :
C* PrnType :
C* PrnParity :
C* APIERR
C* )
C* ExSr ChkErrCde
C* Eval KeyString = %SubSt(PrnDta :
C* 1 : PrnDtaLen)
* Key Length
C Eval QC3KSL = 32
C Eval KeyC = QC3D020000 + %trim(KeyString)
C* Eval Key = %addr(KeyC)
C Eval Key = KeyC
C Select
C When Processing = 'E'
C Eval clrDta = ClearData
C Eval clrDtaLen = %len(%trimr(clrDta))
C Eval encryptedBufL = %size(encryptedData)
C callP Qc3EncryptData(
C clrDta :
C clrDtaLen :
C clrDtaFmt :
C algorithm :
C algorithmFmt :
C key :
C keyFmt :
C srvProvider :
C deviceName :
C encryptedData :
C encryptedBufL :
C encryptedRtnL :
C APIERR
C )
C ExSr ChkErrCde
C When Processing = 'D'
C Eval encryptedData = encryptData
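C* Length comes from the varying parameter; %trimr would also strip
C* trailing X'40' bytes that belong to the ciphertext
C Eval encryptedDtaL = %len(EncryptData)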
C Eval clrDtaBufL = %size(clrDta)
C callP Qc3DecryptData(
C encryptedData :
C encryptedDtaL :
C algorithm :
C algorithmFmt :
C key :
C keyFmt :
C srvProvider :
C deviceName :
C clrDta :
C clrDtaBufL :
C clrDtaRtnL :
C APIERR
C )
C ExSr ChkErrCde
C EndSl
C Eval *InLr = *On
/If defined(SrvPgm)
C Return returnCode
/Else
C Return
/EndIf
**********************************************************************
C ChkErrCde BegSr
C If ERRLEN > 0
C* dump
C Eval returnCode = *on
C Else
C Eval returnCode = *off
C Select
C When Processing = 'E'
C Eval encryptData =
C %subst(encryptedData:1:encryptedRtnL)
C When Processing = 'D'
C Eval ClearData =
C %subst(clrDta:1:clrDtaRtnL)
C EndSl
C EndIf
C* Dump
C EndSr
**********************************************************************
/If defined(SrvPgm)
P Encryption E
/EndIf
Matt Hopkins
Sr. Programmer/Analyst
Web: www.pdpgroupinc.com
Email: MWHopkins@xxxxxxxxxxxxxxx
Office: 410-584-0330
Fax: 410-584-0336
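Added example (not part of the original post, and not the Qc3 API): the posted program encrypts in CBC mode with an all-zero IV (QC3MODE = '1', QC3IV = *AllX'00'), so equal field values produce equal ciphertext, and a ciphertext length recovered with %len(%trimr(...)) is wrong whenever the ciphertext ends in X'40'. The Python below shows both effects; it assumes a stand-in Feistel block cipher in place of AES, X'00' padding, and a constructed key and constructed field values.

```python
import hashlib, hmac, os

BLOCK = 16  # block length the page sets for AES (QC3BL = 16)

def _round(key, rnd, half):
    # Round function of the stand-in cipher (assumption: NOT AES, illustration only)
    return hmac.new(key, bytes([rnd]) + half, hashlib.sha256).digest()[:8]

def block_encrypt(key, block):
    # Four-round Feistel permutation over one 16-byte block
    left, right = block[:8], block[8:]
    for rnd in range(4):
        left, right = right, bytes(a ^ b for a, b in zip(left, _round(key, rnd, right)))
    return left + right

def cbc_encrypt(key, iv, clear):
    # Pad with X'00' to a block multiple, then chain the blocks (CBC)
    clear += b"\x00" * (-len(clear) % BLOCK)
    out, prev = b"", iv
    for i in range(0, len(clear), BLOCK):
        prev = block_encrypt(key, bytes(a ^ b for a, b in zip(clear[i:i + BLOCK], prev)))
        out += prev
    return out

def encrypt_fixed_iv(key, clear):
    # Same choice as the posted program: every value uses an all-zero IV
    return cbc_encrypt(key, bytes(BLOCK), clear)

def encrypt_random_iv(key, clear):
    # Fresh IV per value, stored in front of the ciphertext
    iv = os.urandom(BLOCK)
    return iv + cbc_encrypt(key, iv, clear)

def trimmed_length(buf):
    # Length as %len(%trimr(...)) would report it (the EBCDIC blank is X'40')
    return len(buf.rstrip(b"\x40"))

def find_blank_tail(key):
    # Search constructed field values for a ciphertext that ends in X'40'
    for n in range(100000):
        ct = encrypt_fixed_iv(key, b"ACCT%06d" % n)
        if ct.endswith(b"\x40"):
            return ct
    raise LookupError("no ciphertext ending in X'40' found")

if __name__ == "__main__":
    key = b"constructed demo key"  # constructed value, not a real key
    ct = find_blank_tail(key)
    print(encrypt_fixed_iv(key, b"CUST-0001") == encrypt_fixed_iv(key, b"CUST-0001"), len(ct), trimmed_length(ct))
```

In the RPG program the varying EncryptData parameter already carries the ciphertext length, so %len(EncryptData) avoids the trim. With a per-value IV, the IV has to be stored alongside the ciphertext and supplied in QC3IV again on decrypt.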
----- Message from "Leibowitz, Larry" <Larry.Leibowitz@xxxxxxxxxxxxxxx> on Thu, 17 May 2007 09:36:55 -0400 -----
To: <midrange-l@xxxxxxxxxxxx>
Subject: Data Encryption
I have been asked to encrypt data (one field) in a Physical File. We
have a 520 at V5R3. Are there utilities available on the System i or do
I need to use a Tool from a vendor?
Thanks in Advance
--
This is the Midrange Systems Technical Discussion (MIDRANGE-L) digest list
To post a message email: MIDRANGE-L@xxxxxxxxxxxx
To subscribe, unsubscribe, or change list options,
visit: http://lists.midrange.com/mailman/listinfo/midrange-l
or email: MIDRANGE-L-request@xxxxxxxxxxxx
Before posting, please take a moment to review the archives
at http://archive.midrange.com/midrange-l.
This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].