× The internal search function is temporarily non-functional. The current search engine is no longer viable and we are researching alternatives.
As a stop gap measure, we are using Google's custom search engine service.
If you know of an easy to use, open source, search engine ... please contact support@midrange.com.


  1.  Home
  2. RPG400-L
  3. November 2005

RE: Is there any good sample for Advance Encryption Standard in RPGLE

There's an example in the archives (search under "CIPHER'n problem") but
make sure you read the entire thread since there was an error in the
code.

The code in the archives does not use a salt value which is bad for
production code since it results in the same cipher text being generated
for the same clear text which opens you up to dictionary attacks. To add
a salt value, you'll need to change the encryption mode to CBC and put a
value in the initialization vector prior to calling the CIPHER
instruction. The salt value should be unique for each call but it
doesn't have to be kept secret. You'll also need to store the salt value
and use it when you decrypt the data. I use the pseudo random number
generator function of CIPHER to do this.

The sample I'm referencing has a few other issues you should be aware
of. First, it only does one block length worth of data which makes it a
little limited. The fix for that is simple, you just have to split your
data up into chunks and call the routine for each chunk of data (only
specify the salt value for the first chunk). The second issue is that
the padding CIPHER does isn't supported in some environments (like .Net
and Java). Those environments use PKCS7 (.Net) or PKCS5 (Java) padding
(.Net can understand PKCS5 padded data but Java doesn't so we just use
PKCS5 for everything, this is only an issue if you use 256-bit AES --
PKCS5 only works for 16 byte blocks). You'll need to pad the last block
of data yourself (there may be examples of PKCS5 padding in the
archives). The third issue is that CIPHER operates at the bit level so
you get no automatic translation of encrypted data. 

The second and third issues are only issues if you need to exchange
encrypted data with other systems. We assume each end can understand
Unicode so we use iconv() to do the translation as needed.

Matt

-----Original Message-----
From: rpg400-l-bounces@xxxxxxxxxxxx
[mailto:rpg400-l-bounces@xxxxxxxxxxxx] On Behalf Of Mohammad Tanveer
Sent: Tuesday, November 22, 2005 11:41 AM
To: 'RPG programming on the AS400 / iSeries'
Subject: Is there any good sample for Advance Encryption Standard in
RPGLE

Hi

Is there any good sample for Advance Encryption Standard in RPGLE for
Credit
Card Encryption?

Thanks

As an Amazon Associate we earn from qualifying purchases.

This thread ...
Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.