Create AS400.newInstance() methods. Make SecureAS400 skinny as possible.

src/main/java/com/ibm/as400/access/AS400NoThreadServer.java

@@ -259,4 +259,14 @@ void setSoTimeout(int timeout) throws SocketException {
       socket_.setSoTimeout(timeout); 
 
     }
+
+    @Override
+    public void setExchangeAttrReply(DataStream xChgAttrReply) {
+      exchangeAttrReply_ = xChgAttrReply;
+    }
+
+    @Override
+    public SocketContainer getSocket() {
+      return socket_;
+    }
 }

src/main/java/com/ibm/as400/access/AS400Server.java

@@ -47,6 +47,7 @@ static final int getServerId(String serviceName)
         if ("as-dtaq".equals(serviceName)) return 0xE007;
         if ("as-rmtcmd".equals(serviceName)) return 0xE008;
         if ("as-signon".equals(serviceName)) return 0xE009;
+        if ("as-hostcnn-s".equals(serviceName)) return AS400.HCS;
 
         Trace.log(Trace.ERROR, "Invalid service name: " + serviceName);
         throw new InternalErrorException(InternalErrorException.UNKNOWN);
@@ -70,6 +71,7 @@ static final int getServerId(int service)
             case AS400.DATAQUEUE: return 0xE007;
             case AS400.COMMAND:   return 0xE008;
             case AS400.SIGNON:    return 0xE009;
+            case AS400.HCS:       return 0xE00B;
         }
         Trace.log(Trace.ERROR, "Invalid service:", service);
         throw new InternalErrorException(InternalErrorException.UNKNOWN);
@@ -86,13 +88,14 @@ static int getServiceId(String serviceName)
         if (serviceName.equals("as-database")) return AS400.DATABASE;
         if (serviceName.equals("as-central")) return AS400.CENTRAL;
         if (serviceName.equals("as-signon")) return AS400.SIGNON;
+        if (serviceName.equals("as-hostcnn-s")) return AS400.HCS;
 
         Trace.log(Trace.ERROR, "Invalid service: " + serviceName);
         throw new InternalErrorException(InternalErrorException.UNKNOWN);
     }
 
     // The following static array holds the reply streams hash tables for all server daemons.  These Hashtables are populated by the access classes using the addReplyStream(...) method.
-    static Hashtable[] replyStreamsHashTables =  { new Hashtable(), new Hashtable(), new Hashtable(), new Hashtable(), new Hashtable(), new Hashtable(), new Hashtable(), new Hashtable() };
+    static Hashtable[] replyStreamsHashTables =  { new Hashtable(), new Hashtable(), new Hashtable(), new Hashtable(), new Hashtable(), new Hashtable(), new Hashtable(), new Hashtable(), new Hashtable(), new Hashtable() };
 
     // Add a prototype reply data stream to the collection of reply prototypes.  There must be a prototype reply for every type of reply that must be constructed automatically on receipt.  This method detects an attempt to add the same prototype reply more than once and ignores redundant attempts.
     // @param  replyStream  The prototype reply data stream to be added.
@@ -106,11 +109,12 @@ public static void addReplyStream(DataStream replyStream, int service)
         replyStreamsHashTables[service].put(replyStream, replyStream);
     }
 
-
+    public abstract SocketContainer getSocket();
     abstract int getService();
     abstract String getJobString();
     abstract boolean isConnected();
     public abstract DataStream getExchangeAttrReply();
+    public abstract void setExchangeAttrReply(DataStream xChgAttrReply);
     public abstract DataStream sendExchangeAttrRequest(DataStream req) throws IOException, InterruptedException;
     abstract void addInstanceReplyStream(DataStream replyStream);
     abstract void clearInstanceReplyStreams();

src/main/java/com/ibm/as400/access/AS400StrSvrDS.java

@@ -23,66 +23,147 @@ class AS400StrSvrDS extends ClientAccessDataStream
 
     AS400StrSvrDS(int serverId, byte[] userIDbytes, byte[] authenticationBytes, int byteType)
     {
-        super(new byte[(userIDbytes == null) ? 28 + authenticationBytes.length : 44 + authenticationBytes.length]);
+      super(new byte[(userIDbytes == null) ? 28 + authenticationBytes.length : 44 + authenticationBytes.length]);
 
-        setLength(data_.length);
-        // Header ID replaced with Attributes.
-        data_[4] = 0x02;  // Client Attributes, 2 means can get job info back.
-        // data_[5] = 0x00;  // Server Attributes.
-        setServerID(serverId);
-        // setCSInstance(0x00000000);
-        // setCorrelation(0x00000000);
-        setTemplateLen(2);
-        setReqRepID(0x7002);
-
-        //@AF2A 
-        if (byteType == AS400.AUTHENTICATION_SCHEME_IDENTITY_TOKEN) 
-        	data_[20] = (byte)0x06;
-        else 
-        	data_[20] = (byte)0x02;
-
-        if (byteType == AS400.AUTHENTICATION_SCHEME_GSS_TOKEN)
-        	data_[20] = (byte)0x05;
-
-        if (byteType == AS400.AUTHENTICATION_SCHEME_PASSWORD) {
-        	if (authenticationBytes.length == 8) {
-        		data_[20] = (byte)0x01;
-        	} else if (authenticationBytes.length == 20) {
-        		data_[20] = (byte)0x03;
-        	} else {
-        		data_[20] = (byte)0x07;
-        	}
+      setLength(data_.length);
+      // Header ID replaced with Attributes.
+      data_[4] = 0x02;  // Client Attributes, 2 means can get job info back.
+      // data_[5] = 0x00;  // Server Attributes.
+      setServerID(serverId);
+      // setCSInstance(0x00000000);
+      // setCorrelation(0x00000000);
+      setTemplateLen(2);
+      setReqRepID(0x7002);
+
+      //@AF2A 
+      if (byteType == AS400.AUTHENTICATION_SCHEME_IDENTITY_TOKEN) 
+        data_[20] = (byte)0x06;
+      else 
+        data_[20] = (byte)0x02;
+
+      if (byteType == AS400.AUTHENTICATION_SCHEME_GSS_TOKEN)
+        data_[20] = (byte)0x05;
+
+      if (byteType == AS400.AUTHENTICATION_SCHEME_PASSWORD) {
+        if (authenticationBytes.length == 8) {
+          data_[20] = (byte)0x01;
+        } else if (authenticationBytes.length == 20) {
+          data_[20] = (byte)0x03;
+        } else {
+          data_[20] = (byte)0x07;
         }
-        //data_[20] = (byteType == AS400.AUTHENTICATION_SCHEME_PASSWORD) ? (authenticationBytes.length == 8) ? (byte)0x01 : (byte)0x03 : (byteType == AS400.AUTHENTICATION_SCHEME_GSS_TOKEN) ? (byte)0x05 : (byteType == AS400.AUTHENTICATION_SCHEME_IDENTITY_TOKEN) ? (byte)0x06 : (byte)0x02;
-        //@AF2A End
+      }
+      //data_[20] = (byteType == AS400.AUTHENTICATION_SCHEME_PASSWORD) ? (authenticationBytes.length == 8) ? (byte)0x01 : (byte)0x03 : (byteType == AS400.AUTHENTICATION_SCHEME_GSS_TOKEN) ? (byte)0x05 : (byteType == AS400.AUTHENTICATION_SCHEME_IDENTITY_TOKEN) ? (byte)0x06 : (byte)0x02;
+      //@AF2A End
 
-        data_[21] = 0x01;  // Send reply true.
+      data_[21] = 0x01;  // Send reply true.
 
-        // Set password or authentication token.
-        //   LL
-        set32bit(6 + authenticationBytes.length, 22);
-        //   CP
-        if (byteType == AS400.AUTHENTICATION_SCHEME_PASSWORD)
-        {
-            set16bit(0x1105, 26);
-        }
-        else
-        {
-            set16bit(0x1115, 26);
-        }
-        //   Data.
-        System.arraycopy(authenticationBytes, 0, data_, 28, authenticationBytes.length);
+      // Set password or authentication token.
+      //   LL
+      set32bit(6 + authenticationBytes.length, 22);
+      //   CP
+      if (byteType == AS400.AUTHENTICATION_SCHEME_PASSWORD)
+      {
+          set16bit(0x1105, 26);
+      }
+      else
+      {
+          set16bit(0x1115, 26);
+      }
+      //   Data.
+      System.arraycopy(authenticationBytes, 0, data_, 28, authenticationBytes.length);
+
+      if (userIDbytes != null)
+      {
+          // Set user ID info.
+          //   LL
+          set32bit(16, 28 + authenticationBytes.length);
+          //   CP
+          set16bit(0x1104, 32 + authenticationBytes.length);
+          //   EBCDIC user ID.
+          System.arraycopy(userIDbytes, 0, data_, 34 + authenticationBytes.length, 10);
+      }
+    }
+
+
+    AS400StrSvrDS(int serverId, byte[] userIDbytes, byte[] authenticationBytes, int byteType, char[] addAuthFactor)
+    {
+      super(new byte[((userIDbytes == null) ? 28 + authenticationBytes.length : 44 + authenticationBytes.length) +
+                     ((addAuthFactor != null && addAuthFactor.length > 0) ? (addAuthFactor.length + 6) : 0)]);
 
-        if (userIDbytes != null)
-        {
-            // Set user ID info.
-            //   LL
-            set32bit(16, 28 + authenticationBytes.length);
-            //   CP
-            set16bit(0x1104, 32 + authenticationBytes.length);
-            //   EBCDIC user ID.
-            System.arraycopy(userIDbytes, 0, data_, 34 + authenticationBytes.length, 10);
+      setLength(data_.length);
+      // Header ID replaced with Attributes.
+      data_[4] = 0x02;  // Client Attributes, 2 means can get job info back.
+      // data_[5] = 0x00;  // Server Attributes.
+      setServerID(serverId);
+      // setCSInstance(0x00000000);
+      // setCorrelation(0x00000000);
+      setTemplateLen(2);
+      setReqRepID(0x7002);
+
+      int offset = 20;
+
+      //@AF2A 
+      if (byteType == AS400.AUTHENTICATION_SCHEME_IDENTITY_TOKEN) 
+        data_[20] = (byte)0x06;
+      else 
+        data_[20] = (byte)0x02;
+
+      if (byteType == AS400.AUTHENTICATION_SCHEME_GSS_TOKEN)
+        data_[20] = (byte)0x05;
+
+      if (byteType == AS400.AUTHENTICATION_SCHEME_PASSWORD) {
+        if (authenticationBytes.length == 8) {
+          data_[20] = (byte)0x01;
+        } else if (authenticationBytes.length == 20) {
+          data_[20] = (byte)0x03;
+        } else {
+          data_[20] = (byte)0x07;
         }
+      }
+
+      data_[21] = 0x01;  // Send reply true.
+
+      // Set password or authentication token.
+      //   LL
+      set32bit(6 + authenticationBytes.length, 22);
+      //   CP
+      if (byteType == AS400.AUTHENTICATION_SCHEME_PASSWORD)
+      {
+          set16bit(0x1105, 26);
+      }
+      else
+      {
+          set16bit(0x1115, 26);
+      }
+      //   Data.
+      System.arraycopy(authenticationBytes, 0, data_, 28, authenticationBytes.length);
+
+      if (userIDbytes != null)
+      {
+          // Set user ID info.
+          //   LL
+          set32bit(16, 28 + authenticationBytes.length);
+          //   CP
+          set16bit(0x1104, 32 + authenticationBytes.length);
+          //   EBCDIC user ID.
+          System.arraycopy(userIDbytes, 0, data_, 34 + authenticationBytes.length, 10);
+
+          offset = 34 + authenticationBytes.length + 10;
+      }
+      else {
+        offset = 28;
+      }
+
+      if (addAuthFactor != null && addAuthFactor.length > 0)
+      {
+        String TOTP = new String(addAuthFactor);
+
+        set32bit(6 + addAuthFactor.length, offset);
+        set16bit(0x112F, offset + 4);
+
+        System.arraycopy(TOTP.getBytes(), 0, data_, offset + 6, TOTP.length());
+      }
     }
 
     void write(OutputStream out) throws IOException

src/main/java/com/ibm/as400/access/AS400ThreadedServer.java

@@ -510,4 +510,14 @@ int getSoTimeout() throws SocketException {
     void setSoTimeout(int timeout) throws SocketException {
       socket_.setSoTimeout(timeout);
     }
+
+    @Override
+    public void setExchangeAttrReply(DataStream xChgAttrReply) {
+      exchangeAttrReply_ = xChgAttrReply;
+    }
+
+    @Override
+    public SocketContainer getSocket() {
+      return socket_;
+    }
 }

src/main/java/com/ibm/as400/access/AS400XChgRandSeedDS.java

@@ -20,7 +20,8 @@
 class AS400XChgRandSeedDS extends ClientAccessDataStream
 {
   private static final String copyright = "Copyright (C) 1997-2001 International Business Machines Corporation and others.";
-
+  private byte[] seed;
+
     AS400XChgRandSeedDS(int serverId)
     {
         super(new byte[28]);
@@ -53,13 +54,53 @@ class AS400XChgRandSeedDS extends ClientAccessDataStream
         data_[26] = (byte)(low >>> 8);
         data_[27] = (byte)low;
     }
+
+    AS400XChgRandSeedDS(int serverId, boolean isHCS)
+    {
+      super(new byte[34]);
+      setLength(34);
+      setHeaderID(0x00000000);
+      setServerID(serverId);
+      setTemplateLen(0);
+      setReqRepID(0x7103);
+
+      // Optional Parameters
+      set32bit(14, 20);
+      set16bit(0x1103, 24);
+
+      // We generate a "random" seed using the current time in milliseconds.
+      // This seed will be used to encrypt the password.
+      long t = System.currentTimeMillis();
+
+      // Performance: break into 2 ints first and avoid long temporaries.
+      int high = (int)(t >>> 32);
+      int low = (int)t;
+
+      data_[26] = (byte)(high >>> 24);
+      data_[27] = (byte)(high >>> 16);
+      data_[28] = (byte)(high >>> 8);
+      data_[29] = (byte)high;
+
+      data_[30] = (byte)(low >>> 24);
+      data_[31] = (byte)(low >>> 16);
+      data_[32] = (byte)(low >>> 8);
+      data_[33] = (byte)low;
+
+      seed = new byte[8];
+      System.arraycopy(data_, 26, seed, 0, 8);
+    }
 
     byte[] getClientSeed()
     {
         byte[] seed = new byte[8];
         System.arraycopy(data_, 20, seed, 0, 8);
         return seed;
     }
+
+    byte[] getHCSClientSeed()
+    {
+      return seed;
+    }
 
     void write(OutputStream out) throws IOException
     {

src/main/java/com/ibm/as400/access/AS400XChgRandSeedReplyDS.java

@@ -42,6 +42,28 @@ byte[] getServerSeed()
         System.arraycopy(data_, 24, seed, 0, 8);
         return seed;
     }
+
+    int findCP(int cp)
+    {
+      int offset = 24;
+      while (offset < data_.length - 1)
+      {
+        int LLCP = get16bit(offset + 4);
+        if (LLCP == cp) return offset;
+        offset += get32bit(offset);
+      }
+      return -1;
+    }
+
+    byte[] getHCSServerSeed()
+    {
+      int offset = findCP(0x1103);
+      if (offset == -1) return new byte[0];
+
+      byte[] seed = new byte[8];
+      System.arraycopy(data_, offset + 6, seed, 0, 8);
+      return seed;
+    }
 
     void read(InputStream in) throws IOException
     {

src/main/java/com/ibm/as400/access/ClientAccessDataStream.java

@@ -22,7 +22,7 @@
  * Provides methods to access common client access data stream header.
  * 
  */
-public class ClientAccessDataStream extends DataStream
+class ClientAccessDataStream extends DataStream
 {
   static final String copyright = "Copyright (C) 1997-2001 International Business Machines Corporation and others.";