Encrypt / Decrypt with OpenEdge v10.2b

Posted by MarkT on 02-Apr-2018 18:10

Hi All,

Has anyone had any problems using the Encrypt / Decrypt keywords within OpenEdge 10.2b (patch 8)?

(Code cut down to bare minimum - I'm working with longchars)

For encrypt I have something like this:

ASSIGN c_ip_w_algo = "AES_CBC_128".

               r_w_key = GENERATE-PBE-KEY(c_ip_key).
               r_w_cipher_data = ENCRYPT(c_ip_inp_long, r_w_key, ?, c_ip_w_algo) NO-ERROR.
IF NOT ERROR-STATUS:ERROR THEN
DO:
  ASSIGN c_op_enc_long = BASE64-ENCODE(r_w_cipher_data).
END.

For decrypt I have something like this:

ASSIGN bkey = GENERATE-PBE-KEY(c_ip_key)

               c_ip_w_algo = "AES_CBC_128"

               r_w_cipher_data = DECRYPT(BASE64-DECODE(c_ip_enc_data), bKey, ?, c_ip_w_algo) NO-ERROR.

IF NOT ERROR-STATUS:ERROR THEN
DO:
  COPY-LOB FROM r_w_cipher_data TO c_op_dec_data NO-ERROR.
END.

I have found "AES_CBC_128" is the only type that comes back without an error - and I'm not 100% sure this is working as it should be. 

Any advice would be useful..

Thanks,

Mark

Posted by Rob Fitzpatrick on 03-Apr-2018 14:03

This article:

https://knowledgebase.progress.com/articles/Article/P100444/p

shows the use of encrypt/decrypt with raw variables, as you have done.  But this article:

https://knowledgebase.progress.com/articles/Article/data-encrypted-on-unix-fails-to-decrypt-on-windows/p

suggests a different approach using memptr variables and set-byte-order.  You could give that approach a try and compare the results to your current code.  Hope this helps.

All Replies

Posted by gus bjorklund on 03-Apr-2018 11:32

well, for one thing, longchars may only contain characters valid for the code page being used. and embedded nul bytes are not allowed.

the encrypt function produces binary data as output, not characters. so you cannot store the encrypted text in a longchar.

-gus

Posted by MarkT on 03-Apr-2018 13:24

Hi Gus,

Does the Base64-Encode not help in that respect?

Any suggestions?

Thanks,

Mark

Posted by Rob Fitzpatrick on 03-Apr-2018 13:55

> so you cannot store the encrypted text in a longchar.

He appears to be assigning the encrypt output to a raw and storing the base64-encoded version of that in a longchar.  That should work.

> I have found "AES_CBC_128" is the only type that comes back without an error - and I'm not 100% sure this is working as it should be.

Can you elaborate on this? Where do you see errors; encrypt, decrypt, or both?  What are the errors?

Can you compare the results you get in OE to some other encryption utility with the same test data and key?

Posted by Rob Fitzpatrick on 03-Apr-2018 14:03

This article:

https://knowledgebase.progress.com/articles/Article/P100444/p

shows the use of encrypt/decrypt with raw variables, as you have done.  But this article:

https://knowledgebase.progress.com/articles/Article/data-encrypted-on-unix-fails-to-decrypt-on-windows/p

suggests a different approach using memptr variables and set-byte-order.  You could give that approach a try and compare the results to your current code.  Hope this helps.

Posted by gus bjorklund on 04-Apr-2018 17:08

sorry.

yes, Mark, base 64 encoding produces a subset of ascii text as output. your code snippet did not include any declarations.

you said you were working with longchars.

Posted by MarkT on 05-Apr-2018 11:41

Thanks a lot for the help guys!

This thread is closed