**** DES2_README.TXT ****
This directory contains a simple DES encryption/decryption
program that uses CDSA, and participates in bilateral
authentication. It links explictly against CDSA$INCSSM300_SHR.EXE.
This example is designed to be signed using the CDSA signing tools.
********************
** Special Note **
********************
Sys$common:[syshlp.examples.cdsa]readme.txt contains general
information that applies to all of the example programs that are signed.
The necessary files to build the example on OpenVMS are included,
with the exception of appselfkey.h. This include file must be
generated from the certificate created for the application(s).
See the OpenVMS book "Open Source Security for OpenVMS, Volume 1: Common Data
Security Architecture", CDSA Programing Concepts, for complete instructions.
Special attention should be paid to the section on Signed Application Development.
A signed CDSA application will not execute until the proper credentials are
generated.
***********
The DES2 example files are:
CALLOUTS.C CALLOUTS.H DES2_BUILD.COM DES2_SIGN.COM
DES2.C PRECOMP.H DES2.OPT DES2_INSTALL.COM
DO_DES2.C DESGUID.H DES2_INS.OPT
INSTALL_DES2.C (APPSELFKEY.H not provided, user generated)
After performing the steps to generate the application credentials
and the include file, appselfkey.h,the DES2 example program can be
built by copying the example files into a local build
area, and executing the DES2_BUILD command file, as follows:
$ define/trans=conceal cdsa_tempdir :[.]
$ set default cdsa_tempdir:[DES2]
$ copy SYS$SYSROOT:[SYSHLP.EXAMPLES.CDSA.DES2]*.* []
$ copy cdsa_sysdir:[sign]appselfkey.h []
$ @DES2_BUILD
The resulting image must be 'signed'.
**************
On the SIGNING SYSTEM run the command procedure to generate the manifest.
**************
$ @DES2_sign
Finally back on the development system run the command procedure
to install the module.
$ @DES2_INSTALL
The application DES2.EXE can be run as a foreign command. This can be set up
via:
$ DES2 :== $CDSA_TEMPDIR:[DES2]DES2.EXE
The program can then be executed with the following options:
-e : encrypt with supplied key (requires -k switch)
-d : decrypt with supplied key (requires -k switch)
-h : specifies that the supplied key is a 16 character
hexadecimal number
-k key : use key "key" (apostrophes {aka, single quotes} are necessary if used with -h)
To encrypt MYFILE.TXT using an ascii key with the DES example program, you
would issue the following command:
$ des2 -e -k "xyzzy" MYFILE.TXT MYFILE.DES
To decrypt the same file, you would issue this command:
$ des2 -d -k "xyzzy" MYFILE.DES MYFILE.TXT
To encrypt/decrypt using a hexadecimal key, use a key length of exactly 16
typed characters (8 hex bytes), and the -h switch as follows:
$ des2 -e -k '012abcde012abcde' -h MYFILE.TXT MYFILE.DES
$ des2 -d -k '012abcde012abcde' -h MYFILE.DES MYFILE.TXT
![[TXT]](/httpd/-/text.gif)