/* REXX */                                                              00010000
/* REXCRTS - List all 0207 cert records                              */ 00020019
/*           Flag Self-Signed and Expired Certs and Trusted Certs    */ 00030039
/*           Definitions:                                            */ 00040019
/*             Self-Signed = issuer name = subject name              */ 00050019
/*             Expired = today's date is beyond cert end date        */ 00060019
/*                                                                   */ 00070000
/*    Uses           +  0207 User Cert Name Record                   */ 00080000
/*                        Get Userid & Label                         */ 00090019
/*                   +  0500 Gen resource basic data record          */ 00100032
/*                        Get Trust status                           */ 00110032
/*                   +  0560 User Cert Name Record                   */ 00111032
/*                        Get End Date                               */ 00112032
/*                   +  1560 User Cert Name Record                   */ 00120019
/*                        Issuer Name and Subject Name               */ 00130019
/*                                                                   */ 00140000
/*  2016/03/05 - Created by Harold Clough, SSO-Mechanicsburg.        */ 00150039
/*  2016/05/23 - CLFenton added collection of 0500 record and        */ 00151039
/*               changed format of output report.                    */ 00152039
/*------------------------------------------------------------------ */ 00160000
/*trace r?*/                                                            00161040
/* initialize table counters    */                                      00170016
 usn = 0      /* 207 recs       */                                      00180016
 sst = 0      /* self-signed    */                                      00190016
 exp = 0      /* expired        */                                      00200016
 dis = 0      /* output recs    */                                      00210028
 tru = 0      /* trust          */                                      00211032
 ssc = 0                                                                00212040
 exc = 0                                                                00213040
                                                                        00220005
/* Main Driver                                             */           00230028
/* dbufile is IRRDBU00 unloaded dataset                    */           00240028
"EXECIO * DISKR dbufile (stem dbfle. FINIS"                             00250000
say 'Total Records in unloaded dataset ==> 'dbfle.0                     00260000
call get_date                                                           00270021
do a = 1 to dbfle.0                                                     00280021
  Rec_type = substr(dbfle.a,1,4)                                        00290021
  if Rec_type = 0207 then                                               00300021
     call Process207                                                    00310021
  if Rec_type = 0500 then                                               00311032
     call Process500                                                    00312032
  if Rec_type = 1560 then                                               00320021
     call Process1560                                                   00330021
  if Rec_type = 0560 then                                               00340021
     call Process0560                                                   00350021
end         /*  do a  */                                                00360021
say 'Search Completed . . . '                                           00370029
call bld_outtab                                                         00380021
call prnt_list                                                          00390021
exit                                                                    00400000
                                                                        00410019
/*      */                                                              00420000
/* Subs */                                                              00430000
/*      */                                                              00440000
/* Subroutines to print records in groups                     */        00450000
/* prnt_group                                                 */        00460000
get_date:                                                               00470027
 date8 = date('S')         /*20150219 */                                00480027
 date9 = insert('-',date8,4)   /*2015-0219*/                            00490027
 date10 = insert('-',date9,7)  /*2015-02-19*/                           00500027
return                                                                  00510027
/*      */                                                              00520019
prnt_list:                                                              00530027
/* Write a report header        */                                      00540028
 queue '***                                                           ' 00550031
 queue '*** List all certificates, show expired and self-signed       ' 00560031
 queue '*** Summary: Total Certs='usn 'Self-Signed='ssc 'Expired='exc   00570040
 queue '***                                                           ' 00580031
 queue 'USERID   LABEL                                               '  00590040
 queue '-------- --------------------------------                    '  00600040
 "EXECIO 6 DISKW rexout"                                                00610029
/* Write a report info          */                                      00620028
 makebuf                                                                00630027
  do dis = 1 to usn                                                     00640027
    parse var outtab.dis fld1'!'fld2'!'fld3'!'StartDate EndDate,        00641037
      Trust                                                             00642037
    queue fld1                                                          00650034
    call par_fld                                                        00650234
    queue '  Active Date   'StartDate                                   00651034
    queue '  Expire Date   'EndDate                                     00652034
    queue '  Trusted       'Trust                                       00652137
    queue ' '                                                           00652237
/*  queue '  Issuer  DN -  'fld2                                        00653034
    queue '  Subject DN -  'fld3*/                                      00654034
   end                                                                  00660027
  "EXECIO * DISKW rexout (finis"                                        00670027
 dropbuf                                                                00680027
return                                                                  00690027
par_fld:                                                                00691034
hdr = '  Issuer  DN - '                                                 00691134
do until fld2 = ""                                                      00692034
  parse var fld2 fld +52 fld2                                           00693034
  queue hdr fld                                                         00694034
  hdr = '               '                                               00694134
end                                                                     00695034
hdr = '  Subject DN - '                                                 00695134
do until fld3 = ""                                                      00695234
  parse var fld3 fld +52 fld3                                           00695334
  queue hdr fld                                                         00695434
  hdr = '               '                                               00695534
end                                                                     00695634
return                                                                  00696034
/* build the output table                                     */        00700005
bld_outtab:                                                             00710027
 makebuf                                                                00720027
 do  e = 1 to usn  /* go thru stored 207 recs */                        00730027
 /* UStab.usn = USCERT_USER USCERT_CERTLABL UCN_207           */        00740027
 parse var UStab.e userid +8 10 label +32 43 ucn_207 +246 .             00750027
 /* The F loop will flag self-signed certs                     */       00760027
 ssflag = "No "   /* reset flag before entering loop */                 00770040
 if sst > 0 then /* only do if we have some ss certs */                 00780027
   do                                                                   00790027
    do f = 1 to sst  /* go thru list of self-signed certs */            00800027
    /* Tab1560.sst = UCN_1560  */                                       00810027
    parse var Tab1560.f ucn_ss '!' ucn_idn '!' ucn_sdn                  00820034
    if ucn_ss = ucn_207 then do                                         00830039
      if ucn_idn = ucn_sdn then do                                      00840040
        ssc = ssc + 1                                                   00841040
        ssflag = "Yes"                                                  00850040
        end                                                             00851040
      leave f                                                           00860039
     end  /* end if ucn_exp */                                          00870027
    end  /* do f */                                                     00880027
 end  /* if sst > 0 */                                                  00890027
 /* The m loop will flag expirec certs                         */       00900027
 exflag = "No "   /* reset flag before entering loop */                 00910040
 if exp > 0 then /* only do if we have some expired certs */            00920027
   do                                                                   00930027
    do m = 1 to exp  /* go thru list of expired certs */                00940027
    /* Tab0560.exp = UCN_0560  */                                       00950027
    parse var Tab0560.m ucn_ex +246 StartDate EndDate                   00960034
    if ucn_ex = ucn_207 then                                            00970027
     do                                                                 00980027
/*     say date10 EndDate StartDate*/                                   00980139
       if EndDate < date10 then do                                      00981034
         exc = exc + 1                                                  00982040
         exflag = "Yes"                                                 00990040
       end  /* end if EndDate */                                        00991035
       leave m                                                          01000035
     end  /* end if ucn_ex */                                           01011034
    end  /* do m */                                                     01020027
   end  /* do if exp > 0 */                                             01030027
 /*  say userid label "EXP="exflag "SS="ssflag                  */      01040027
 if tru > 0 then /* only do if we have some expired certs */            01042037
   do                                                                   01043037
    do m = 1 to tru  /* go thru list of expired certs */                01044037
    /* Tab0560.exp = UCN_0560  */                                       01045037
    parse var Tab0500.m tru_ex +246 Trust                               01046037
    if tru_ex = ucn_207 then do                                         01047037
/*    say userid label Trust*/                                          01048239
      if Trust = "TRUST" then Trust = 'Yes'                             01048337
      if Trust = "NOTRUST" then Trust = 'No'                            01048437
      if Trust = "HIGHTRST" then Trust = 'High'                         01048537
      leave m                                                           01049437
     end  /* end if ucn_ex */                                           01049537
    end  /* do m */                                                     01049637
   end  /* do if exp > 0 */                                             01049737
 /*  say userid label "EXP="exflag "SS="ssflag                  */      01049837
 outtab.e = userid label "Expired="exflag "   ",                        01050040
   "Self-Signed="ssflag                                                 01050140
 outtab.e = outtab.e'!'ucn_idn'!'ucn_sdn'!'StartDate EndDate Trust      01051037
 end  /* do e */                                                        01060027
 dropbuf                                                                01070027
return                                                                  01080027
/*          */                                                          01090027
process207:                                                             01100027
 dbfle.a = dbfle.a                                                      01101039
 USCERT_USER = substr(dbfle.a,6,8)                                      01110027
/*  parse var dbfle.a 15 USCERT_SN "." .  Use this if you want sn */    01120027
 UCN_207 = substr(dbfle.a,15,246)                                       01130027
 USCERT_CERTLABL = substr(dbfle.a,262,32)                               01140027
 usn = usn + 1                                                          01150027
 UStab.usn = USCERT_USER USCERT_CERTLABL UCN_207                        01160027
return                                                                  01170027
/*          */                                                          01180027
process500:                                                             01190033
 dbfle.a = dbfle.a                                                      01191039
 UCN_0500 = substr(dbfle.a,6,246)  /* 246-Char Cert Name */             01200032
 grbd_uacc = substr(dbfle.a,337,8) /* uacc - trust/notrust/hightrst */  01210032
 tru = tru + 1             /* sst = counter for ss certs */             01240032
 Tab0500.tru = UCN_0500 grbd_uacc                                       01250037
return                                                                  01270027
/*          */                                                          01280027
process0560:                                                            01281032
 dbfle.a = dbfle.a                                                      01281139
 UCN_0560 = substr(dbfle.a,6,246)  /* 246-Char Cert Name */             01282032
 StartDate = substr(dbfle.a,262,10)    /* Start Date */                 01283032
 EndDate = substr(dbfle.a,282,10)    /* End Date */                     01283132
 exp = exp + 1             /* sst = counter for ss certs */             01286032
 Tab0560.exp = UCN_0560 StartDate EndDate                               01287036
return                                                                  01289032
/*          */                                                          01289132
process1560:                                                            01290027
 dbfle.a = dbfle.a                                                      01291039
 UCN_1560 = substr(dbfle.a,6,246)  /* 246-Char Cert Name */             01300027
 IDN = substr(dbfle.a,262,1024)    /* Issuer DN */                      01310027
 SDN = substr(dbfle.a,1287,1024)   /* Subject DN */                     01320027
 sst = sst + 1             /* sst = counter for ss certs */             01350039
 Tab1560.sst = UCN_1560'!'IDN'!'SDN                                     01360039
return                                                                  01380027
/** end of subroutines                                      */          01390005
