This APIs by Example continues the coverage begun in the preceding installment of this column (see “New Cryptographic Services APIs and Exit Points at Release 6.1,” June 24, 2010, article ID 65255 at SystemiNetwork.com). That coverage is of the new Cryptographic Services APIs and exit points introduced by IBM with release 6.1. For today’s issue, I’ve created a new Work with Key Store Records (WRKKR) CL command based on the Retrieve Keystore Records (Qc3RetrieveKeyStoreRecords) API, which lets you retrieve a list of all the cryptographic keys stored in a key store. In addition to listing key store records, the WRKKR command provides an interface to other previously published cryptographic key work management commands, letting you display, print, and delete the cryptographic key records and also display the key store file attributes.
Last time, I presented two cryptographic key management exit programs enabled by the cryptographic key management exit points introduced with release 6.1. The exit programs in question are called whenever a master key is set or cleared. For the remaining two exit points covering the events of a key store being translated, meaning all stored keys are encrypted under a new master key, as well as a key record being deleted from a key store, I include in today’s issue a couple of new sample exit programs and also information about how to register these exit programs.
As explained last time, the key management exit points are called whenever the associated key management event is taking place, irrespective of the interface used to perform the key management function, being either a CL command, an API, or System i Navigator dialog panels. The translate key store and delete key store record exit programs included today are based on the User Function Registration facility, which I also discussed in last month’s API by Example, and it employs the user functions registered as part of earlier installation programs provided. If you’ve already installed the commands and service program included last month, you should be OK; otherwise please do the installation before registering the exit programs I present this month.
Articles on Apis 