MIDRANGE dot COM Mailing List Archive



Home » MIDRANGE-L » September 2012

RE: Using QSYRUPWD to write a script file



fixed

Just a sketch... The table is keyed (host id, application id, attribute id, optional id) and also containing a "for bit data" varying length field for storing the data. A column in the record is used to signal that encryption should be used on the data element.

In my service program, for retrieval, I use something like this:

SELECT Case when ENCRYPTVAL = '1'
then trim(decrypt_char(ATRIBVALUE))
else trim(ATRIBVALUE) end,
...
into :lReturnVal , ...
FROM a_register
where HOSTID = :lHostID and
APPID = :pAppID and
ATRIBID = :pAtribID and
OPTIONID = :lOptionID ;

The trick for DB2 encryption is to process your key management, retrieve you encryption seed and apply it:
EXEC SQL
Set encryption password = :lDB2KeyValue ;


There's a LOT that can be done with this, considering that the API essentially consists of a GET method and a SET method. I'm using this in applications where I need to store runtime configuration data. Some of this configuration data needs encryption, some does not. Below is an example of a usage of this api to collect and imbed the login account details for a PayPal transaction.

RXS_updVar('ApiUserAccount':Reg_GetAttrValue('PayPal':'ApiUserAccount':pSiteID) );
RXS_updVar('Password' :Reg_GetAttrValue('PayPal':'Password':pSiteID) );
RXS_updVar('Signature' :Reg_GetAttrValue('PayPal':'Signature':pSiteID) );

Hth,
-Eric DeLong

-----Original Message-----
From: midrange-l-bounces@xxxxxxxxxxxx [mailto:midrange-l-bounces@xxxxxxxxxxxx] On Behalf Of PaultinNZ
Sent: Monday, September 24, 2012 5:33 PM
To: Midrange Systems Technical Discussion
Subject: Re: Using QSYRUPWD to write a script file

Eric,

That sounds like a viable method could you share a little more detail?

On 25 September 2012 10:01, DeLong, Eric <EDeLong@xxxxxxxxxxxxxxx> wrote:

Cyndi,

I can't say too much about the specifics of my implementation, but I
recently implemented a "Registry" database and api that used DB2 encryption
for the purpose of secure storage of login credentials. DB2 provided a
flexible alternative to the encryption APIs already enumerated.

Just another option you might review.

-Eric DeLong

-----Original Message-----
From: midrange-l-bounces@xxxxxxxxxxxx [mailto:
midrange-l-bounces@xxxxxxxxxxxx] On Behalf Of Cyndi Bradberry
Sent: Monday, September 24, 2012 4:53 PM
To: 'Midrange Systems Technical Discussion'
Subject: RE: Using QSYRUPWD to write a script file

Scott,

That may end up being what we have to use.

Thanks for the thoughts.

Cyndi
--
This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing list
To post a message email: MIDRANGE-L@xxxxxxxxxxxx
To subscribe, unsubscribe, or change list options,
visit: http://lists.midrange.com/mailman/listinfo/midrange-l
or email: MIDRANGE-L-request@xxxxxxxxxxxx
Before posting, please take a moment to review the archives
at http://archive.midrange.com/midrange-l.


--
This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing list
To post a message email: MIDRANGE-L@xxxxxxxxxxxx
To subscribe, unsubscribe, or change list options,
visit: http://lists.midrange.com/mailman/listinfo/midrange-l
or email: MIDRANGE-L-request@xxxxxxxxxxxx
Before posting, please take a moment to review the archives
at http://archive.midrange.com/midrange-l.









Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2014 by MIDRANGE dot COM and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available here. If you have questions about this, please contact