In V5R3, IBM has substantially enhanced the Cryptographic Services APIs, especially in the areas of key management and the securing of the cryptographic process. I begin uncovering these great improvements in today’s issue, and in upcoming issues, I will provide you with the building blocks necessary to implement both a key management setup and the necessary cryptographic functions required to make such an infrastructure work.
The topic of today’s article is the concept and use of context tokens in the cryptographic process. With V5R3, two types of context tokens were introduced: Algorithm context tokens and key context tokens.
As I pointed out in the first installment of this series (July 17, 2005, article ID 51236 at iSeriesNetwork.com), the cryptographic algorithms used herein are dependent on the presence of the IBM iSeries software product 5722-AC3 – Cryptographic Access Provider 128-bit for iSeries.
You can use the CL command DSPSFWRSC (Display Software Resources) to verify that this product is installed. If it’s not installed, you can order it from IBM free of charge. If you’re outside of the U.S., please note, however, that this product can be subject to U.S. export regulations.
Download the save file containing the source code.