Example: ILE RPG program for enabling all access control points in the default role for your Coprocessor
Change this IBM i ILE RPG program example to suit your needs for enabling all access control points in the default role for your Coprocessor.
Note: Read the Code license and disclaimer information for
important legal information.
If you choose to use this program example, change it to suit your specific needs. For security reasons, IBM recommends that you individualize these program examples rather than using the default values provided.
D*************************************************************
D* SETDEFAULT
D*
D* Sample program to authorize the default role to all access
D* control points in the cardX.
D*
D*
D* COPYRIGHT 5769-SS1 (C) IBM CORP. 2000, 2007
D*
D* This material contains programming source code for your
D* consideration. These example has not been thoroughly
D* tested under all conditions. IBM, therefore, cannot
D* guarantee or imply reliability, serviceability, or function
D* of these programs. All programs contained herein are
D* provided to you "AS IS". THE IMPLIED WARRANTIES OF
D* MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
D* ARE EXPRESSLY DISCLAIMED. IBM provides no program services for
D* these programs and files.
D*
D*
D* Note: Input format is more fully described in Chapter 2 of
D* IBM CCA Basic Services Reference and Guide
D* (SC31-8609) publication.
D*
D* Parameters: None
D*
D* Example:
D* CALL PGM(SETDEFAULT)
D*
D* Use these commands to compile this program on the system:
D* CRTRPGMOD MODULE(SETDEFAULT) SRCFILE(SAMPLE)
D* CRTPGM PGM(SETEID) MODULE(SETDEFAULT)
D* BNDSRVPGM(QCCA/CSUAACI)
D*
D* Note: Authority to the CSUAACI service program in the
D* QCCA library is assumed.
D*
D* The Common Cryptographic Architecture (CCA) verbs used are
D* Access_Control_Initialize (CSUAACI)
D*
D**************************************************************
D*--------------------------------------------------------
D* Declare variables used by CCA SAPI calls
D*--------------------------------------------------------
D* ** Return code
DRETURNCODE S 9B 0
D* ** Reason code
DREASONCODE S 9B 0
D* ** Exit data length
DEXITDATALEN S 9B 0
D* ** Exit data
DEXITDATA S 4
D* ** Rule array count
DRULEARRAYCNT S 9B 0
D* ** Rule array
DRULEARRAY S 16
D* ** Verb data 1 length
DVERBDATALEN1 S 9B 0 INZ(0)
D* ** Verb data 1
DVERBDATA1 S 4
D* ** Verb data 2 length
DVERBDATALEN2 S 9B 0 INZ(117)
D*-------------------------------------------------------------
D* Verbdata 2 contains the aggregate role structure which
D* in turn contains 1 role - the default role
D*-------------------------------------------------------------
DVERBDATA2 DS 200
D* ** Define 1 Role
DNUMROLES 9B 0 INZ(1)
D* ** Reserved field
DRESR1 9B 0 INZ(0)
D* ** Version 1 struct
DVERS 2 INZ(X'0100')
D* ** Length of role
DROLELEN 2 INZ(X'006D')
D* ** Description of role
DCOMMENT 20 INZ(' ')
D* ** Checksum is not used
DCHECKSUM 2 INZ(X'0000')
D* ** Reserved field
DRESR2 2 INZ(X'0000')
D* ** Role Name is DEFAULT expressed in ASCII
DROLE 8 INZ(X'44454641554C5420')
D* ** Authentication strength is set to 0
DAUTHSTRN 2 INZ(X'0000')
D* ** Lower time is 00:00
DLWRTIMHR 1 INZ(X'00')
DLWRTIMMN 1 INZ(X'00')
D* ** Upper time is 23:59
DUPRTIMHR 1 INZ(X'17')
DUPRTIMMN 1 INZ(X'3B')
D* ** Valid days of week
DVALIDDOW 1 INZ(X'FE')
D* ** Reserved field
DRESR3 1 INZ(X'00')
D* ** 2 Access control points segements are defined
DNUMSEG 2 INZ(X'0002')
D* ** Reserved field
DRESR4 2 INZ(X'0000')
D* ** Starting bit of segment 1 is 0.
DSTART1 2 INZ(X'0000')
D* ** Ending bit of segment 1 is 295 (Hex 127).
DEND1 2 INZ(X'0127')
D* ** 37 Bytes in segment 1
DNUMBYTES1 2 INZ(X'0025')
D* ** Reserved field
DRESR5 2 INZ(X'00')
D* ** Segment 1 access control points
DBITMAP1A 8 INZ(X'0003F0FD80003000')
DBITMAP1B 8 INZ(X'80001900C0000000')
DBITMAP1C 8 INZ(X'000A8000882F7110')
DBITMAP1D 8 INZ(X'1804033180000000')
DBITMAP1E 5 INZ(X'FF7FFFFF80')
D* ** Starting bit of segment 2 is 512 (Hex 200).
DSTART2 2 INZ(X'0200')
D* ** Ending bit of segment 2 is 575 (Hex 23F)
DEND2 2 INZ(X'023F')
D* ** 8 Bytes in segment 2
DNUMBYTES2 2 INZ(X'0008')
D* ** Reserved field
DRESR6 2 INZ(X'0000')
D* ** Segment 2 access control points
DBITMAP2 8 INZ(X'F8007FFF7FFFE60F')
D*
D**********************************************************
D* Prototype for Access_Control_Initialize (CSUAACI)
D**********************************************************
DCSUAACI PR
DRETCODE 9B 0
DRSNCODE 9B 0
DEXTDTALEN 9B 0
DEXTDTA 4
DRARRAYCT 9B 0
DRARRAY 16
DVRBDTALEN1 9B 0
DVRBDTA1 4
DVRBDTALEN2 9B 0
DVRBDTA2 200
D*
D*-------------------------------------------------------------
D* ** Declares for sending messages to the
D* ** job log using the QMHSNDPM API
D*-------------------------------------------------------------
DMSG S 64 DIM(2) CTDATA PERRCD(1)
DMSGLENGTH S 9B 0 INZ(64)
D DS
DMSGTEXT 1 64
DFAILRETC 41 44
DFAILRSNC 46 49
DMESSAGEID S 7 INZ(' ')
DMESSAGEFILE S 21 INZ(' ')
DMSGKEY S 4 INZ(' ')
DMSGTYPE S 10 INZ('*INFO ')
DSTACKENTRY S 10 INZ('* ')
DSTACKCOUNTER S 9B 0 INZ(2)
DERRCODE DS
DBYTESIN 1 4B 0 INZ(0)
DBYTESOUT 5 8B 0 INZ(0)
C*
C**************************************************************
C* START OF PROGRAM *
C* *
C*------------------------------------------------------------*
C* Set the keywords in the rule array *
C*------------------------------------------------------------*
C MOVEL 'INIT-AC ' RULEARRAY
C MOVE 'REPLACE ' RULEARRAY
C Z-ADD 2 RULEARRAYCNT
C**************************************************************
C* Call Access_Control_Initialize SAPI
C**************************************************************
C CALLP CSUAACI (RETURNCODE:
C REASONCODE:
C EXITDATALEN:
C EXITDATA:
C RULEARRAYCNT:
C RULEARRAY:
C VERBDATALEN1:
C VERBDATA1:
C VERBDATALEN2:
C VERBDATA2)
C*-----------------------*
C* Check the return code *
C*-----------------------*
C RETURNCODE IFGT 4
C* *------------------------*
C* * Send failure message *
C* *------------------------*
C MOVEL MSG(1) MSGTEXT
C MOVE RETURNCODE FAILRETC
C MOVE REASONCODE FAILRSNC
C EXSR SNDMSG
C*
C ELSE
C* *----------------------*
C* * Send success message *
C* *----------------------*
C MOVE MSG(2) MSGTEXT
C EXSR SNDMSG
C*
C ENDIF
C*
C SETON LR
C*
C**************************************************************
C* Subroutine to send a message
C**************************************************************
C SNDMSG BEGSR
C CALL 'QMHSNDPM'
C PARM MESSAGEID
C PARM MESSAGEFILE
C PARM MSGTEXT
C PARM MSGLENGTH
C PARM MSGTYPE
C PARM STACKENTRY
C PARM STACKCOUNTER
C PARM MSGKEY
C PARM ERRCODE
C ENDSR
**
CSUAACI failed with return/reason codes 9999/9999.
The Default role was successfully set.