× The internal search function is temporarily non-functional. The current search engine is no longer viable and we are researching alternatives.
As a stop gap measure, we are using Google's custom search engine service.
If you know of an easy to use, open source, search engine ... please contact support@midrange.com.


  1.  Home
  2. MIDRANGE-L
  3. October 2019

Re: Regarding Decryption of AES128 encrypted data in RPGLE and query regarding CRC 32 [PRIVATE REPLY]

Hi,

Is this conclusion now true that we can not decrypt data using AES
algorithm in AS400 programming language which is encrypted using web link
in UTF8 or other ASCII values like here as mentioned in previous mails?

Thanks

On Mon, Sep 30, 2019 at 7:13 PM Peter Dow <petercdow@xxxxxxxxx> wrote:

Hi Rishi,

I went to the website you mentioned,
https://www.devglan.com/online-tools/aes-encryption-decryption, and
tried decrypting


u3VtNgfyWU9faZc3Iaa8ZWbE5UZCfmC17yA4MyW0ghflt9dNQNDpCcgMZiG/kXPE4vv2CHL93B4iKiODHxxdVA==

with password (secret key)

6-9d15-ec98bcc81ec4275OIM1TS7LI

and I noticed a couple of things.

1. Since the encryption is AES128, the password length must be 16
bytes. The pswd in your program is 31 bytes.

2. The "encrypted" data is actually base64 encoded. In order to decrypt
it in RPG, you would first have to decode it from base64, then decrypt it.


On top of that, when I used the aforementioned website to encrypt
'whatever text', in AES with 128-bit key, mode ECB, and password
'mypasswordis16xy', the encrypted value is

x'831720A57F742CBB3A86AB24A3AA23AE'.

If I use the SQL encrypt_AES function, with the same password, the
encrypted value is

x'4CB947FF0025D5A6B96180506FFE4F23B96180506FFE4F23'.

The reason for this difference probably has something to do with the
following notes from IBM's SQL manual on the encrypt_AES function:

"The length attribute of the result depends on the arguments that are
specified:
* when /password-string/ is specified but a /hint-string/ is not
specified, the length
attribute of /data-string/ plus 24 plus the number of bytes to a
16-byte boundary.
* Otherwise, the length attribute of /data-string/ plus 64 plus the
number of bytes to
a 16-byte boundary."

Apparently IBM's encrypt_AES function includes more than just the
encrypted value in its result.

In short, it looks like you cannot use IBM's decrypt_AES function to
decrypt a value encrypted by anything other than IBM's encrypt_AES
function.

--
*Peter Dow* /
Dow Software Services, Inc.
909 793-9050
petercdow@xxxxxxxxx <mailto:petercdow@xxxxxxxxx>
pdow@xxxxxxxxxxxxxx <mailto:pdow@xxxxxxxxxxxxxx>

/
On 9/30/2019 4:50 AM, Rishi Seth wrote:
I Know below is the IBM API for same but need a real working example
which
could decrypt data which is encoded using UTF8 or ACII. with 128 bit key
and Mode is ECB?





---
This email has been checked for viruses by Avast antivirus software.
https://www.avast.com/antivirus
--
This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing list
To post a message email: MIDRANGE-L@xxxxxxxxxxxxxxxxxx
To subscribe, unsubscribe, or change list options,
visit: https://lists.midrange.com/mailman/listinfo/midrange-l
or email: MIDRANGE-L-request@xxxxxxxxxxxxxxxxxx
Before posting, please take a moment to review the archives
at https://archive.midrange.com/midrange-l.

Please contact support@xxxxxxxxxxxx for any subscription related
questions.

Help support midrange.com by shopping at amazon.com with our affiliate
link: https://amazon.midrange.com


As an Amazon Associate we earn from qualifying purchases.

This thread ...
Follow-Ups:
Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.