Be sure to verify the integrity of your application's r-code.

To provide r-code integrity and security in your application:

  1. Build the procedure security table, RcodeSecurity, with these fields:
    • FilenameCHARACTER field for the pathname of each r-code file
    • CRCINTEGER field for the r-code CRC of the specified r-code file
  2. Construct a text file, crctable.dat, that contains a list of the pathnames, relative to the working directory, for all the secure procedures called by your application.
  3. Compile and save the r-code for all the secure procedures in your application.
  4. Run a procedure that contains code to build the RcodeSecurity table. For example: 
    DEFINE VARIABLE cProcName AS CHARACTER NO-UNDO FORMAT "x(32)".
DEFINE VARIABLE ix        AS INTEGER   NO-UNDO.
INPUT FROM "crctable.dat". /* List of r-code file pathnames */
REPEAT:
  SET cProcName.
  FIND RcodeSecurity WHERE RcodeSecurity.Filename = cProcName NO-ERROR.
  IF NOT AVAILABLE(RcodeSecurity) THEN
    CREATE RcodeSecurity.
  ASSIGN
    RCODE-INFO:FILE-NAME   = cProcName.
    RcodeSecurity.Filename = cProcName
    RcodeSecurity.Crc      = RCODE-INFO:CRC-VALUE
    ix                     = ix + 1.
END.
INPUT CLOSE.
MESSAGE ix "procedure security records created".
  5. At each point where you call a secure procedure in your application, insert this code: 
    FIND RcodeSecurity WHERE RcodeSecurity.Filename = "secret.r".
RCODE-INFO:FILE-NAME = "secret.r".
IF RcodeSecurity.Crc = RCODE-INFO:CRC-VALUE THEN
  RUN secret.
ELSE DO:
  MESSAGE "Procedure secret.r is invalid.".
  QUIT.
END.