× The internal search function is temporarily non-functional. The current search engine is no longer viable and we are researching alternatives.
As a stop gap measure, we are using Google's custom search engine service.
If you know of an easy to use, open source, search engine ... please contact support@midrange.com.


  1.  Home
  2. MIDRANGE-L
  3. December 2008

RE: passing encrypted data from .net to RPG

Thanks Scott, I did miss that part in my message. We are already converting the encrypted string to base64 before putting it in the cookie. So if I got this straight the process would be...
- decide what data I want to place in the cookie
- encrypt it using tdes
- convert the encrypted data to base64
- write the string to the cookie

And on the i5 side
- get the cookie
- base64 decode it
- decrypt using tdes
- convert ascii to ebcdic


Or, if ,.net can do it..
- decide what data I want to place in the cookie
- convert ascii to ebcdic
- encrypt it using tdes
- convert the encrypted data to base64
- write the string to the cookie

And on the i5 side
- get the cookie
- base64 decode it
- decrypt using tdes


Doesn't the tdes encryption process convert the passcode to a key and the key is then used to do the encryption? Would the .net ascii based tdes encryption process create the same key as the i5 ebcdic based tdes encryption process?


-----Original Message-----
From: midrange-l-bounces@xxxxxxxxxxxx [mailto:midrange-l-bounces@xxxxxxxxxxxx] On Behalf Of Scott Klement
Sent: Monday, December 15, 2008 12:46 PM
To: Midrange Systems Technical Discussion
Subject: Re: passing encrypted data from .net to RPG

Hi Mike,

Encrypted values are not typically text. This creates two problems:
a) Cookies are required to be text.
b) ASCII/EBCDIC translation will corrupt them.

You already guessed at (b), but perhaps you don't realize that (a) is a
problem as well. A cookie is a text string. There are certain
characters that are never allowed in a cookie, these include the CR and
LF characters amongst other things. Even if you do no ASCII/EBCDIC
translation, a pure 8-bit binary value (which is what cryptography
routines always output) is not valid in a cookie.

There are tools that let you encode data in a binary-safe manner.
base64 is probably the best one. After encrypting your data, base64
encode it. This will give you a value that's okay to put in a cookie.

Then, in the RPG program, base64 decode it. The result should be the
exact same binary values. (It doesn't matter if the encoded data was
converted from ASCII to EBCDIC -- the decode should still yield the
exact same binary values.)

HTH

Mike Cunningham wrote:
We are working on a project where we need to use a .net application
to create and write a string into a browser cookie that has been
encrypted using tdes and then have an i5 RPG application retrieve
that cookie and decrypt the string back to its original values. Is
the translation from an ASCII system to an EBCDIC system going to
give us problems in this process? If so has anyone done this and
know what needs done to make it possible?

As an Amazon Associate we earn from qualifying purchases.

This thread ...
Follow-Ups:
Replies:
Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.