Enter crypto password in the crypto password table of the task

Function

The ADD-CRYPTO-PASSWORD command supplies a job with crypto passwords, which are required to decrypt encrypted files. The crypto password table is set up for the job the first time the ADD-CRYPTO-PASSWORD is issued with the crypto passwords specified there. The table is extended each time the command is called. The crypto password table is automatically deleted at the end of the job. The /REMOVE-CRYPTO-PASSWORD command can be used to delete individual crypto password entries or all the crypto password entries from the table before the end of the job.

When an encrypted file is accessed the system searches the crypto password table for the required crypto password. If it is entered there, access is permitted.

Note

If the rare case of the command being rejected with message DMS066A should occur, this means that the caller has specified a crypto password that, for cryptographic reasons, may not be used. In this case another crypto password must be selected.

Crypto passwords can be up to 8 characters long. Crypto passwords with less than 8 characters are stored left-justified within the system and filled with binary zeros. This means that the two crypto passwords C’ABCD’ and C’ABCD'BLANK''BLANK''BLANK''BLANK'’ which are specified in the form of a C string are not identical, and owing to the different internal representation two different crypto passwords are calculated by the cryptographic algorithm:

All crypto passwords and crypto password specifications entered under an active task are counted. Crypto passwords which are entered more than once are ignored and not included in the count.

If the system threshold value for the maximum number of crypto passwords in the crypto password table which is defined with the system parameter PWACTIVE is reached when crypto passwords are entered, the message DMS0691 is output and any further crypto password entry is rejected. This applies for both normal users and systems support. The table entries can be reduced using the /REMOVE-CRYPTO-PASSWORD command and the table made ready to receive new entries.
If the system threshold value for the maximum number of crypto passwords entered into the crypto password table which is defined with the system parameter PWENTERD is reached when crypto passwords are entered under a task, the message DMS0692 is output and any further crypto password entry is rejected. This applies for both normal users and systems support.

Regardless of the setting for the system parameter ENCRYPT, crypto password are always stored in encrypted form in the crypto password table.

For information on encrypting files, see also the manual “Introductory Guide to DMS” [13].

REMOTE-FILE-ACCESS

The ADD-CRYPTO-PASSWORD command is automatically forwarded to all RFA partner processes by the requesting job.

Format

Operands

PASSWORD = *SECRET / list-poss(20): <c-string 1..8> / <x-string 1..16>
Passwords which are to be entered into the crypto password table. Up to 20 crypto passwords can be specified in a command. The specification is not case-sensitive.
The operand has the following special characteristics:

• The input field is automatically blanked out in the guided dialog.

• In unguided dialog and foreground procedures, the entry *SECRET or ^, SDF provides a blanked out input field for inputting the password.

• The password entered is not logged. 

Return codes