/* Rexx */
/*-------------------------------------------------------------------*/
/* Description: */
/* */
/* Sample REXX exec uses an encrypted AES DATA key label to */
/* encrypt/decrypt 12000 bytes of data using CSNBSYE/CSNBSYD */
/* and processing mode CFB. */
/* */
/* To use an AES encrypted DATA key label in the CKDS, the ICSF */
/* segment of the CSFKEYS class general resource profile associated */
/* with the specified key label must contain SYMCPACFWRAP(YES). For */
/* more information on CSFKEYS SAF checking, see z/OS Cryptographic */
/* Services ICSF Administrator's Guide. */
/* example: */
/* RDEFINE CSFKEYS SYE.AES.DATA.LEN* ICSF(SYMCPACFWRAP(YES)) */
/* */
/* See the ICSF Application Programmer's Guide for more details on */
/* the callable services used in this sample. */
/* */
/*-------------------------------------------------------------------*/
/* assumes this key label was previously created */
AES_DATA_key_label = left('SYE.AES.DATA.LEN256',64) ;
/* initialize SYE parameter list */
SYE_rc = 'FFFFFFFF'x ;
SYE_rs = 'FFFFFFFF'x ;
exit_data_length = '00000000'x ;
exit_data = '' ;
SYE_rule_array_count = '00000003'x ;
SYE_rule_array = 'AES ' ||,
'CFB ' ||,
'KEYIDENT' ||,
'ONLY ' ;
SYE_key_length = '00000040'x ;
SYE_key_identifier = AES_DATA_key_label ;
SYE_key_parms_length = '00000000'x ; /* ignored */
SYE_key_parms = '' ; /* ignored */
SYE_block_size = '00000010'x ;
SYE_initial_vector_length = '00000010'x ;
SYE_initial_vector = '8EBFFE2B973B3121D3858699CB26AAC7'x ;
SYE_chain_data_length = '00000020'x ;
SYE_chain_data = copies('00'x,32) ;
SYE_clear_text_length = d2c(12000,4) ;
SYE_clear_text = copies('0123456789ABCDEF'x,1500) ;
SYE_cipher_text_length = d2c(12000,4) ;
SYE_cipher_text = copies('00'x,12000) ;
SYE_optional_data_length = '00000000'x ; /* ignored */
SYE_optional_data = '' ; /* ignored */
/* call Symmetric Algorithm Encipher */
address linkpgm 'CSNBSYE' ,
'SYE_rc' ,
'SYE_rs' ,
'exit_data_length' ,
'exit_data' ,
'SYE_rule_array_count' ,
'SYE_rule_array' ,
'SYE_key_length' ,
'SYE_key_identifier' ,
'SYE_key_parms_length' ,
'SYE_key_parms' ,
'SYE_block_size' ,
'SYE_initial_vector_length' ,
'SYE_initial_vector' ,
'SYE_chain_data_length' ,
'SYE_chain_data' ,
'SYE_clear_text_length' ,
'SYE_clear_text' ,
'SYE_cipher_text_length' ,
'SYE_cipher_text' ,
'SYE_optional_data_length' ,
'SYE_optional_data' ;
IF (SYE_rc \= '00000000'x) THEN
DO ;
say 'SYE failed: rc =' c2x(SYE_rc) 'rs =' c2x(SYE_rs) ;
SIGNAL OUT ;
END ;
ELSE
DO ;
say 'SYE: rc =' c2x(SYE_rc) 'rs =' c2x(SYE_rs) ;
say 'SYE cipher text length:' c2d(SYE_cipher_text_length) ;
call PRTBLK c2x(SYE_cipher_text), 64 ;
say ;
END ;
/* initialize SYD parameter list */
SYD_rc = 'FFFFFFFF'x ;
SYD_rs = 'FFFFFFFF'x ;
exit_data_length = '00000000'x ;
exit_data = '' ;
SYD_rule_array_count = SYE_rule_array_count ;
SYD_rule_array = SYE_rule_array ;
SYD_key_length = SYE_key_length ;
SYD_key_identifier = SYE_key_identifier ;
SYD_key_parms_length = '00000000'x ; /* ignored */
SYD_key_parms = '' ; /* ignored */
SYD_block_size = SYE_block_size ;
SYD_initial_vector_length = SYE_initial_vector_length ;
SYD_initial_vector = SYE_initial_vector ;
SYD_chain_data_length = SYE_chain_data_length ;
SYD_chain_data = SYE_chain_data ;
SYD_cipher_text_length = SYE_cipher_text_length ;
SYD_cipher_text = SYE_cipher_text ;
SYD_clear_text_length = d2c(12000,4) ;
SYD_clear_text = copies('00'x,12000) ;
SYD_optional_data_length = '00000000'x ; /* ignored */
SYD_optional_data = '' ; /* ignored */
/* call Symmetric Algorithm Decipher */
address linkpgm 'CSNBSYD' ,
'SYD_rc' ,
'SYD_rs' ,
'exit_data_length' ,
'exit_data' ,
'SYD_rule_array_count' ,
'SYD_rule_array' ,
'SYD_key_length' ,
'SYD_key_identifier' ,
'SYD_key_parms_length' ,
'SYD_key_parms' ,
'SYD_block_size' ,
'SYD_initial_vector_length' ,
'SYD_initial_vector' ,
'SYD_chain_data_length' ,
'SYD_chain_data' ,
'SYD_cipher_text_length' ,
'SYD_cipher_text' ,
'SYD_clear_text_length' ,
'SYD_clear_text' ,
'SYD_optional_data_length' ,
'SYD_optional_data' ;
IF (SYD_rc \= '00000000'x) THEN
say 'SYD failed: rc =' c2x(SYD_rc) 'rs =' c2x(SYD_rs) ;
ELSE
IF SYD_clear_text = SYE_clear_text THEN say 'SUCCESS!!!' ;
OUT:
EXIT ;
/* --------------------------------------------------------------- */
/* PRTBLK: */
/* */
/* Helper routine to display hex data with a fixed line length */
/* --------------------------------------------------------------- */
PRTBLK:
ARG data, max ;
/* The maximum length of an output line */
line_length = max ;
data_length = LENGTH(data) ;
num_lines = data_length % line_length ;
/* Parse the data */
IF data_length // line_length <> 0 THEN num_lines = num_lines + 1 ;
index = 1 ;
DO num_lines ;
SAY SUBSTR(data,index,line_length) ;
index = index + line_length ;
END ;
RETURN ;