z/OS Open Cryptographic Services Facility Application Programming
Previous topic | Next topic | Contents | Index | Contact z/OS | Library | PDF


ATTACH.C

z/OS Open Cryptographic Services Facility Application Programming
SC24-5899-01 

//-------------------------------------------------------------------------
//
// COMPONENT_NAME: file_encrypt
//
// (C) COPYRIGHT International Business Machines Corp. 1999
// All Rights Reserved
// Licensed Materials - Property of IBM
//
//-------------------------------------------------------------------------
//
// FILE: attach.c
//
// There are various levels of detail that applications can use when
// attaching to modules using the CSSM API.  In the simplest case, an
// application can hardcode a particular GUID so that it only works when
// a particular module is installed.  On the other hand, a more flexible
// application can be designed to look into the installed list of modules
// and choose one based on some attribute it has (capability, vendor
// name, hardware/software, etc.).
//
// This file shows two methods (among many) that can be used to attach a
// module.  In AttachCSPByAlgorithm(), the installed list of software 
// cryptographic service providers is searched to find one that supports 
// the required algorithm.  
//
//-------------------------------------------------------------------------

#include <stdio.h>
#include <stdlib.h>

#include <cssm.h>
#include <file_encrypt.h>

//-------------------------------------------------------------------------
//
// Function: AttachCSPByAlgorithm
//
// This function searches the list of all installed modules for a
// CSP that supports the required algorithm.
//  
//-------------------------------------------------------------------------
void AttachCSPByAlgorithm(
    CSSM_CSP_HANDLE *hCSP,
    uint32 AlgorithmRequired)
{
    CSSM_ERROR_PTR          pError;         // error information
    CSSM_LIST_PTR           pModuleList;    // list of modules
    CSSM_MODULE_INFO_PTR    pModuleInfo;    // module info
    CSSM_CSPSUBSERVICE_PTR  pCspInfo;       // CSP module info
    CSSM_SOFTWARE_CSPSUBSERVICE_INFO_PTR pInfo;  // software CSP module info
    CSSM_CSP_CAPABILITY_PTR pCap;           // capabilities list
    uint32                  Total;          // miscellaneous
    CSSM_BOOL               Found;          // boolean for search
    uint32                  i;              // index
    uint32                  j;              // index
    uint32                  k;              // index
    uint32                  l;              // index

    //
    // Retrieve the total list of CSPs installed on the system at this time.
    //

    if ((pModuleList = CSSM_ListModules(CSSM_SERVICE_CSP, CSSM_TRUE)) == NULL)
    {
        pError = CSSM_GetError();
        printf("Error: could not list installed modules\n");
        printf("CSSM_ListModules error code = %d\n", pError->error);
        exit(1);
    }

    if (pModuleList->NumberItems == 0)
    {
        printf("Error: no CSPs installed.\n");
        exit(1);
    } 

    //
    // Search through installed software CSPs for one that supports the
    // encryption algorithm required
    //

    Found = CSSM_FALSE;

    for (i = 0; !Found && i < (int)pModuleList->NumberItems; i++)
    {
        pModuleInfo = CSSM_GetModuleInfo(&(pModuleList->Items[i].GUID),
                                         CSSM_SERVICE_CSP,
                                         0,
                                         CSSM_INFO_LEVEL_ALL_ATTR);

        for (j = 0; !Found && j < (int) pModuleInfo->NumberOfServices; j++)
        {
#ifdef OS390
     pCspInfo = pModuleInfo>ServiceList[j].SubserviceList.CspSubServiceList;
#else
           pCspInfo = pModuleInfo->ServiceList[j].CspSubServiceList;
#endif

  for (k = 0; !Found && k < pModuleInfo->ServiceList[j].NumberOfSubServices; k++)
            {
                //
                // Note: to extend the search to hardware CSPs, a case
                // could be added to this switch construct.
                //
                switch (pCspInfo->CspType)
                {
                    case CSSM_CSP_SOFTWARE:
#ifdef OS390
                   pInfo = &(pCspInfo->SubServiceInfo.SoftwareCspSubService);
#else
                        pInfo = &(pCspInfo->SoftwareCspSubService);
#endif
                        Total = pInfo->NumberOfCapabilities;
                        for (l = 0; l < Total; l++)
                        {
                            pCap = &(pInfo->CapabilityList[l]);
                            if (pCap->AlgorithmType == AlgorithmRequired)
                            {
                                Found = CSSM_TRUE;
                            }
                        }
                    break;

                    default:
                    break;
                } // switch
            } // for each subservice
        } // for each usage type
    } // for each module

    if (!Found)
    {       
        //
        // There were CSPs, but none of them matched
        //
        printf("Error: there are no suitable cryptographic service providers installed\n");
        exit(1);
    }
    else
    {
        *hCSP = CSSM_ModuleAttach(&(pModuleList->Items[i-1].GUID), 
                                    &pModuleInfo->Version,
                                    &MemoryFuncs,
                                    0,
                                    0,
                                    0,
                                    NULL,
                                    NULL);
        if (*hCSP == 0)
        {
            pError = CSSM_GetError();
            printf("Error: could not attach to suitable cryptographic service provider\n");
            printf("CSSM_ModuleAttach error code = %d\n", pError->error);
            exit(1);
        } 

    }

    // Successfully attached to desired CSP
}

Go to the previous page Go to the next page

Notices | Terms of use | Support | Contact z/OS | zFavorites



Copyright IBM Corporation 1990, 2014