× The internal search function is temporarily non-functional. The current search engine is no longer viable and we are researching alternatives.
As a stop gap measure, we are using Google's custom search engine service.
If you know of an easy to use, open source, search engine ... please contact support@midrange.com.



As highmighted in red colour still unable to find whether anyone here
presented any live working example of decryption except cipher one but that
too is giving error if i put longer encoded string data and put some
complex key so any one has any solution for this please?
---------- Forwarded message ---------
From: Rishi Seth <rishiseth99@xxxxxxxxx>
Date: Fri, Oct 4, 2019 at 3:03 PM
Subject: Fwd: Regarding Decryption of AES128 encrypted data in RPGLE and
query regarding CRC 32 [PRIVATE REPLY]
To: Midrange Systems Technical Discussion <midrange-l@xxxxxxxxxxxxxxxxxx>


So it looks like below kind of encoded data will always endup with below
error and will never get decrypted using below cipher code so any other
alternative example which could decrypt such token with ECB mode and 128
bit key and can provide the decrypted data which could match the results
from the mentioned URL:-
https://www.devglan.com/online-tools/aes-encryption-decryption

---------- Forwarded message ---------
From: Rishi Seth <rishiseth99@xxxxxxxxx>
Date: Fri, Oct 4, 2019 at 1:02 PM
Subject: Re: Regarding Decryption of AES128 encrypted data in RPGLE and
query regarding CRC 32 [PRIVATE REPLY]
To: Mark Waterbury <mark.s.waterbury@xxxxxxxxxxxxx>


That was modified as followings please look below to decrypt below encoded
data(which is the result of UTF8 format) and also changed the key as per
below:-
HDFTACTGRP(*NO) BNDDIR('QC2LE') option(*srcstmt : *nodebugio)
h actgrp(*new)
ddata s 89A INZ('u3VtNgfyWU9faZcIaa8ZWbE5UZCf
d -7yA4MyW0ghflt9dNQNDpCcgMZiG/kXPE
d -CHL93B4iKiODHxxdVA==')
dfld1 s 100a
d*data s 16a inz('my coded message')
d*data s 16a inz('my coded message')
dsecretkey s 16a varying inz('661e275OIM1ULYLJ')
dencrypted s 16a
dascharacters s 32a
dAES_CONTROL DS Qualified
dfunctionid 2a
ddatalen 5u 0
doperation 1a
dmode 1a
dblocklen 1a
dmaclen 1a
dinitVector 32a
dreserved 7a
dkeyoption 1a
dkeyschedule *
dkey 32a
dcipher pr extproc ('_CIPHER')
dreceiver *
dcontrol 96a
dsource *
dcvthc pr extproc('cvthc')
drcvhex * value
dsrcchr * value
drcvlen 10i 0 value
dhex s 2a
dp_recv s *
0035.00
0036.00
0037.00
0038.00 AES_Control = *ALLx'00';
0039.00 AES_Control.functionID = x'0015';
0040.00 AES_Control.datalen = %size(data);
0041.00 AES_Control.operation = x'01'; //
0042.00 AES_Control.mode = x'00'; // 0=ECB
0043.00 AES_Control.blockLen = x'10'; // 16
0044.00 AES_Control.MACLen = x'00'; // 0
0045.00 AES_Control.keyOption = x'10'; // use
0046.00
0047.00 AES_Control.key = secretKey;
0048.00 p_recv = %addr(data);
0049.00 p_src = %addr(encrypted);
0050.00
0050.00

0051.00 cipher( p_recv : AES_Control : p_src);

0052.00

0053.00 eval data = fld1 ;

0054.00 *inlr = *on;


but during debug it's ending with below error:-

Additional Message Information



Message ID . . . . . . : MCH5601 Severity . . . . . . . : 40

Message type . . . . . : Diagnostic

Date sent . . . . . . : 19-10-04 Time sent . . . . . . :
12:59:49


Message . . . . : Template value not valid for instruction.

Cause . . . . . : The location of the value is template with an offset
to
field in bytes X'0002', an offset in field in bits X'0000', a length of

field of 2, and an instruction operand number of 2. The reason code is

X'0000'. If the reason code is X'0000', a reason code may not be
available.















Bottom
Press Enter to continue.




On Fri, Oct 4, 2019 at 5:01 AM Mark Waterbury <
mark.s.waterbury@xxxxxxxxxxxxx> wrote:

Rishi,


I sent you a working sample program... (cipheraes.rpgle)


Somehow, you have modified it in ways that have introduced various errors.


As I explained in previous e-mails, these MI built-in functions, cipher,
cvthc, cvtch, etc., are all very touchy and sensitive to being passed
exactly the right parameters in the correct format, etc.


Good luck,


Mark

On Thursday, October 3, 2019, 3:51:48 PM EDT, Rishi Seth <
rishiseth99@xxxxxxxxx> wrote:


Message ID . . . . . . : RNQ0202 Severity . . . . . . . : 99

Message type . . . . . : Inquiry

Date sent . . . . . . : 19-10-03 Time sent . . . . . . :
21:50:36


Message . . . . : The call to _CIPHER ended in error (C G D F).

Cause . . . . . : RPG procedure ENCR2 in program RISHI/ENCR2 at
statement
004800 called program or procedure _CIPHER, which ended in error. If the

name is *N, the call was a bound call by procedure pointer.

Recovery . . . : Check the job log for more information on the cause of
the
error and contact the person responsible for program maintenance.

Possible choices for replying to message . . . . . . . . . . . . . . . :

D -- Obtain RPG formatted dump.

S -- Obtain system dump.

G -- Continue processing at *GETIN.

C -- Cancel.

F -- Obtain full formatted dump.


Bottom
Press Enter to continue.




On Thu, Oct 3, 2019 at 9:50 PM Rishi Seth <rishiseth99@xxxxxxxxx> wrote:

currently in debug mode there is an error at line no 48>/

Additional Message Information



Message ID . . . . . . : MCH5601 Severity . . . . . . . : 40

Message type . . . . . : Diagnostic

Date sent . . . . . . : 19-10-03 Time sent . . . . . . :
21:47:56


Message . . . . : Template value not valid for instruction.

Cause . . . . . : The location of the value is template with an offset
to
field in bytes X'0002', an offset in field in bits X'0000', a length of

field of 2, and an instruction operand number of 2. The reason code is

X'0000'. If the reason code is X'0000', a reason code may not be
available.







On Thu, Oct 3, 2019 at 9:49 PM Rishi Seth <rishiseth99@xxxxxxxxx> wrote:

i am not cutting and pasting my code it\s as per actual only which i
shared to you and please let me know how can i correct it to make it work
for at least decryption part.

On Thu, Oct 3, 2019 at 7:52 PM Mark Waterbury <
mark.s.waterbury@xxxxxxxxxxxxx> wrote:

Rishi,


This is totally unacceptable. I need to see the entire spool file, or
just download and send me the actual source code. You should not be
"cutting and pasting" the spool file into NOTEPAD. :-o


What kind of TN5250 emulator are you using? If you were using the latest
IBM i ACS (Access Client Solutions), it has features built-in to make it
easy to download spool files to the PC directly as a .pdf or as a text
file. Similarly, it has tools to help you to download and upload your
source code ... so you don't need to go out and learn a completely separate
FTP client (like FileZilla).


Mark

On Thursday, October 3, 2019, 11:10:44 AM EDT, Rishi Seth <
rishiseth99@xxxxxxxxx> wrote:


also page no 2 of spool file is missing because there is some problem
while arranging sequence no while taking output in notepad file however
details are same like program lines code in it

On Thu, Oct 3, 2019 at 5:06 PM Rishi Seth <rishiseth99@xxxxxxxxx> wrote:

Hi,
please find attached spool file here i just tried to test decryption part
but on dsply data it is faling but also had few queries:-

even after successful decryption in case values of decrypted data does nor
match with the link which i sent in previous mail then what can we do
should we decode this data in base 64 or convert it in hexadecimal to have
same values like the values we receive from below url:-
https://www.devglan.com/online-tools/aes-encryption-decryption
i remember you told to use icov() api but don't we have any end to end
sample program which could work as a proof that the values which we are
getting from cipher program logic are exactly same if we use this link
hence the purpose of decryption should be considered that as400 also
capable like this url.

On Thu, Oct 3, 2019 at 4:02 PM Mark Waterbury <
mark.s.waterbury@xxxxxxxxxxxxx> wrote:

Rishi,

Unless you can send me either the complete compiler listing spool file or
the actual ILE RPG IV source you used when you got this error shown below,
there is nothing I can do for you in this instance.


Error messages like this, taken completely out of context, with no source
code or test data, etc., is completely useless to me.


You really need to read and study and understand that PDF document I sent
you.


Mark

On Thursday, October 3, 2019, 9:10:32 AM EDT, Rishi Seth <
rishiseth99@xxxxxxxxx> wrote:


failed means whn we want to dsply that decrypted data it gives some error
also during deug below error appears:-

Additional Message Information



Message ID . . . . . . : MCH5601 Severity . . . . . . . : 40

Message type . . . . . : Diagnostic

Date sent . . . . . . : 19-10-03 Time sent . . . . . . :
15:08:26


Message . . . . : Template value not valid for instruction.

Cause . . . . . : The location of the value is template with an offset
to
field in bytes X'0002', an offset in field in bits X'0000', a length of

field of 2, and an instruction operand number of 2. The reason code is

X'0000'. If the reason code is X'0000', a reason code may not be
available.

also below error during debug:-

Additional Message Information



Message ID . . . . . . : RNQ0202 Severity . . . . . . . : 99

Message type . . . . . : Inquiry

Date sent . . . . . . : 19-10-03 Time sent . . . . . . :
15:09:18


Message . . . . : The call to _CIPHER ended in error (C G D F).

Cause . . . . . : RPG procedure ENCR1 in program RISHI/ENCR1 at
statement
004600 called program or procedure _CIPHER, which ended in error. If
the
name is *N, the call was a bound call by procedure pointer.

Recovery . . . : Check the job log for more information on the cause
of the
error and contact the person responsible for program maintenance.

Possible choices for replying to message . . . . . . . . . . . . . . . :

D -- Obtain RPG formatted dump.

S -- Obtain system dump.

G -- Continue processing at *GETIN.

C -- Cancel.

F -- Obtain full formatted dump.


Bottom
Press Enter to continue.

















On Thu, Oct 3, 2019 at 2:57 PM Rishi Seth <rishiseth99@xxxxxxxxx> wrote:

also some people suggested that decryption on as400 programming language
can not be done if encryption is done in utf 8 format(please refer peter
mail)

On Thu, Oct 3, 2019 at 2:50 PM Rishi Seth <rishiseth99@xxxxxxxxx> wrote:

The main *difference between ASCII* and *EBCDIC is* that the*ASCII* uses
seven bits to represent a character while the *EBCDIC*uses eight bits to
represent a character. It *is* easier *for* the computer to process
numbers. But it *is* a difficult process to handle text. Therefore, the
characters are encode
see it failed for below encoded data and key:-

*************** Beginning of data
*************************************
0001.00 HDFTACTGRP(*NO) BNDDIR('QC2LE') option(*srcstmt : *nodebugio)

0002.00 h actgrp(*new)

0003.00 ddata s 89a
inz('u3VtNgfyWU9faZc3Iaa8ZWbE5UZC
0004.00 d
-7yA4MyW0ghflt9dNQNDpCcgMZiG/kXPE
0005.00 d -2CHL93B4iKiODHxxdVA==')

0006.00 dsecretkey s 16a varying
inz('661e275OIM1ULYLJ')
0007.00 dencrypted s 16a

0008.00 dascharacters s 32a

0009.00 dAES_CONTROL DS Qualified

0010.00 dfunctionid 2a

0011.00 ddatalen 5u 0

0012.00 doperation 1a

0013.00 dmode 1a

0014.00 dblocklen 1a

0015.00 dmaclen 1a

0016.00 dinitVector 32a
0017.00 dreserved 7a

0018.00 dkeyoption 1a

0019.00 dkeyschedule *

0020.00 dkey 32a

0021.00 dcipher pr extproc('_CIPHER')

0022.00 dreceiver *

0023.00 dcontrol 96a

0024.00 dsource *

0025.00 dcvthc pr extproc('cvthc')

0026.00 drcvhex * VALUE

0027.00 dsrcchr * VALUE

0028.00 drcvlen 10i 0 VALUE

0029.00 dhex s 2a

0030.00 dp_recv s *

0031.00 dp_src s *

0032.00

0033.00 /FREE

0034.00 AES_Control = *ALLx'00';

0035.00 AES_Control.functionID = x'0015';

0036.00 AES_Control.datalen = %size(data);

0037.00 AES_Control.operation = x'00';

0038.00 AES_Control.mode = x'00'; // 0=ECB

0039.00 AES_Control.blockLen = x'10'; // 16

0040.00 AES_Control.MACLen = x'00'; // 0

0041.00 AES_Control.keyOption = x'10';

0042.00

0043.00 AES_Control.key = secretKey;

0044.00 p_recv = %addr(encrypted);

0045.00 p_src = %addr(data);

0046.00 cipher( p_recv : AES_Control : p_src);

0047.00

0048.00 p_recv = %addr(asCharacters);

0049.00 p_src = %addr(encrypted);

0050.00 cvthc ( p_recv : p_src : %size(asCharacters));

0051.00 dsply asCharacters;
0052.00 data = *blanks;
0053.00
0054.00 AES_Control = *ALLx'00';
0055.00 AES_Control.functionID = x'0015';
0056.00 AES_Control.datalen = %size(data);
0057.00 AES_Control.operation = x'01'; //
0058.00 AES_Control.mode = x'00'; // 0=ECB
0059.00 AES_Control.blockLen = x'10'; // 16
0060.00 AES_Control.MACLen = x'00'; // 0
0061.00 AES_Control.keyOption = x'10'; // use
0062.00
0063.00 AES_Control.key = secretKey;
0064.00 p_recv = %addr(data);
0065.00 p_src = %addr(encrypted);
0066.00
0067.00 cipher( p_recv : AES_Control : p_src);
0070.00 *inlr = *on;
0071.00 /end-free





On Thu, Oct 3, 2019 at 2:29 PM Mark Waterbury <
mark.s.waterbury@xxxxxxxxxxxxx> wrote:

Rishi,


The cipher() MI built-in function uses the industry-standard AES
encryption and decryption algorithms, so it *can* and should work for
your scenario, if you give it the correct data. (Remember, *"Garbage In,
Garbage Out!"*)


But, you seem to be *"missing"* a few important details or steps. * Did
you not read all of the detailed replies others have posted on the
MIDRANGE-L list? * Several others actually went to that same web site,
and they successfully typed in some test data, and got back an encrypted
string, and then successfully decrypted that on the IBM i using the AES
decryption APIs (not with the cipher MI built-in, but using the equivalent
qc3... APIs).


-

They pointed out some important points about the fact that the data
returned from that web site is not only encoded in UTF8, but the results
that come back from that web site also appear to be "*Base 64*" encoded.
So, you would also need to use some procedures to decode "BASE-64"... *Do
you understand what that means?*


And, you never did respond to my inquiries about whether you understood
the differences between ASCII and UTF-8 and EBCDIC. The "AS/400" *(as
you call it)* and OS/400 and the IBM i platform is primarily an EBCDIC
system. When you type in literal constants in ILE RPG IV source, they end
up translated into EBCDIC in the compiled code, by default. You would
need to take extra steps, such as using the "iconv()" APIs, to translate
from UTF-8 to EBCDIC or from EBCDIC to UTF-8.


I am going to do you a *big favor* -- I am going to send you a separate
e-mail that will attempt to teach you how to get much better results from
the questions you ask on these lists at midrange.com ...


All the best,


Mark S. Waterbury


On Thursday, October 3, 2019, 8:09:06 AM EDT, Rishi Seth <
rishiseth99@xxxxxxxxx> wrote:


Thanks much this is now working but main thing is that will it work for
data which is encoded using AES128 in UTF 8 encrypted using some other
encryption methos here it worked because we did encryption in this program
itself using aes 128 algorithm but what if we have to decrypt the data
using aes algorithm in as400 which is encrypted in utf8 format?

On Wed, Oct 2, 2019 at 10:59 PM Mark Waterbury <
mark.s.waterbury@xxxxxxxxxxxxx> wrote:

Rishi,


Wait just a damned minute ...!!!


It appears that you must have changed something in the source code that I
sent you! :-o


The declare for the "cvthc" procedure should look like this:


D cvthc Pr ExtProc( 'cvthc' )
D RcvHex * Value
D SrcChr * Value
D RcvLen 10i 0 Value


But, when I look more closely at that spool file you just sent me, I
cannot find that at all ... in fact, somehow, Page 2 of the compile listing
seems to be totally "missing" in the copy you sent me. What's going on
here?


Please verify that you see the above declaration for "cvthc" in your
source code for your program that you are trying to compile, or just upload
the "cipheraes.rpgle" program I sent you, exactly as it is, and try to
compile it with CRTBNDRPG, and then send me the *complete *spool file
listing from that.


Are you just jerking my chain and wasting my time?


Thank goodness I did not make a complete fool of myself by sending this to
someone at IBM Corp.!


Mark


On Wednesday, October 2, 2019, 11:33:21 AM EDT, Rishi Seth <
rishiseth99@xxxxxxxxx> wrote:


Hi,

Please find the spool file of RPGLE attached with this email.

Thanks

On Wed, Oct 2, 2019 at 5:18 PM Mark Waterbury <
mark.s.waterbury@xxxxxxxxxxxxx> wrote:

No, it will *not* be "the same"... do you think I would waste your time
and mine if I thought it was "the same"?

It will not be the same because the stupid SQL preprocessor stuck all
sorts of SQL-related "crap" in there ...


On Wednesday, October 2, 2019, 11:17:10 AM EDT, Rishi Seth <
rishiseth99@xxxxxxxxx> wrote:


it should ideally be the same only as just compiled it by just changing
member type from sqlrpgle to rpgle.

On Wed, Oct 2, 2019 at 5:12 PM Mark Waterbury <
mark.s.waterbury@xxxxxxxxxxxxx> wrote:

Rishi,


Sorry, that did not "prove" anything. Again, it worked "perfectly" on the
V7R3 system that is up-to-date on PTFs. I also tested it on a V7R2 system.
:-o


Similar to the strange -171 errors you were getting with the SQL
preprocessor, I suspect that your V7R3 system may be "woefully behind" on
PTFs. there are CUMulative PTFs and many "Group PTFs" -- one for DB2,
etc., that all must be kept "up to date."


Please send me the spool file resulting from the CRTRPGPGM of the
CIPHERAES RPGLE -- the exact one I sent you ... not the one generated by
CRTSQLRPGI ... I will look closely to see if I can find anything?


Mark


On Wednesday, October 2, 2019, 10:56:23 AM EDT, Rishi Seth <
rishiseth99@xxxxxxxxx> wrote:


Ok, thanks.

On Wed, Oct 2, 2019 at 4:54 PM Mark Waterbury <
mark.s.waterbury@xxxxxxxxxxxxx> wrote:

Rishi,


Hang on, I will try it on another V7R3 system I have access to that is
very "up to date" on PTFs ...


Mark

On Wednesday, October 2, 2019, 10:52:06 AM EDT, Rishi Seth <
rishiseth99@xxxxxxxxx> wrote:


still the same error and this time compiled it with member type rpgle.

On Wed, Oct 2, 2019 at 4:42 PM Mark Waterbury <
mark.s.waterbury@xxxxxxxxxxxxx> wrote:

Rishi,


So, the program I sent you had a type of "RPGLE"... it was intended to be
compiled with the ILE RPG IV compiler, e.g. using CRTBNDRPG. If you had
uploaded the member exactly as I sent it to you, with a member type of
"RPGLE" then PDM option 14 should "do the right thing."


However, from looking at this listing, it appears that you have given it a
type of SQLRPGLE. But, my example program did not use any "embedded
SQL". When you use a member type of SQLRPGLE, PDM option 14 does not use
CRTBNDRPG directly, but instead invokes the CRTSQLRPGI command, that runs
the SQL "preprocessor" and then it invokes CRTBNDRPG for you,
automatically, as part of that command, if no errors are detected by the
preprocessor.


What else did you change, if anything, in that source I sent you?
Because, I copied my source and gave it a member type of "SQLRPGLE" on my
V7R3 system and it compiled and ran "just fine." :-o


(*NOTE:* I am *not* going to "debug" *your* program *for you*.)


I suggest you try uploading the program I sent you, exactly "as is" with a
member type of RPGLE, and then try to compile and run that. If that still
gets this RNF7542 error, then something else is going on ...


(HINT: you really need to ask the "system administrators" at your shop to
please run WRKPTFGRP and provide that information.)


Mark



On Wednesday, October 2, 2019, 10:26:06 AM EDT, Rishi Seth <
rishiseth99@xxxxxxxxx> wrote:


please find it attached with this email.



On Wed, Oct 2, 2019 at 4:10 PM Mark Waterbury <
mark.s.waterbury@xxxxxxxxxxxxx> wrote:

Rishi,

CRTBNDRPG is the command you should be using to "compile" that sample
program with.


Yes, the "listing" I am referring to is the resulting spool file, (where
you saw that RNF7542 errror message).


Mark

On Wednesday, October 2, 2019, 9:32:34 AM EDT, Rishi Seth <
rishiseth99@xxxxxxxxx> wrote:


Thanks a lot. i am trying it all this on V7R3M0 L00

also what do you mean by CRTBNDRPG listing do you need spooled files?

On Wed, Oct 2, 2019 at 3:24 PM Mark Waterbury <
mark.s.waterbury@xxxxxxxxxxxxx> wrote:

Rishi,


That program compiles and runs perfectly on my systems, from V5R4 on up.


What version of the OS are you doing this on?


Perhaps if you can somehow download the entire listing created by the
CRTBNDRPG command, as either a text file or as a .pdf, you can e-mail that
to me? Perhaps I might be able to see something in there? :-o


Mark

On Wednesday, October 2, 2019, 8:12:57 AM EDT, Rishi Seth <
rishiseth99@xxxxxxxxx> wrote:


also in this code error is on line 48 as followings:-

*RNF7542 30 1 Parameter cannot be passed by reference when it can be
changed during the call.

Error on line no. 48:-

0048.00 cvthc ( p_recv : p_src :
%size(asCharacters));

On Wed, Oct 2, 2019 at 10:59 AM Rishi Seth <rishiseth99@xxxxxxxxx> wrote:

Thanks
below error for WRKPTFGRP :-

Message ID . . . . . . : CPD0032 Severity . . . . . . . : 30

Message type . . . . . : Diagnostic

Date sent . . . . . . : 19-10-02 Time sent . . . . . . :
10:55:17


Message . . . . : Not authorized to command WRKPTFGRP in library *LIBL.

Cause . . . . . : An attempt was made to access a command without
adequate
authority.

Recovery . . . : Obtain authority from the security officer or the
command
owner, and then try the command again.




*************
sample program:-
but this will again encrypt and then just decrypt sample data but I just
want something which is already encrypted using AES128 algorithm ( using
UTF 8 Format or may be from some other channel or interface) and want to
get it decrypted using AS400 program whose data(encrypted data which we
want to get decrypted using as400 program or IBM API) is present in some
xml file
so for the same we tried sql function to get it decrypted but we ended up
in -171 error(sql code) error here.



On Tue, Oct 1, 2019 at 5:10 PM Mark Waterbury <
mark.s.waterbury@xxxxxxxxxxxxx> wrote:

Hi, Rishi,


If your user profile has enough authority, you can issue:

WRKPTFGRP

to find out what PTF level of each PTF group is installed on your
system. Or, you may need to ask a "system administrator" to do that.


Per your request for "sample code" -- I have attached a small example
program that shows how to use the MI built-in function "cipher" -- that can
do various kinds of encryption, and it *should* be able to do what you
want.
(See attached "cipheraes.rpgle" ... it is a text file so you should be
able to simply FTP it to your IBMi system, or cut-and-paste it into RDi
...).


*NOTE:* this is just a sample program, so it does not pass any
parameters, etc., you would have to add that, or copy and paste some of
this code into your own program(s) to achieve your desired results.


Let me know how that goes ...


All the best,


Mark S. Waterbury


On Tuesday, October 1, 2019, 10:52:42 AM EDT, Rishi Seth <
rishiseth99@xxxxxxxxx> wrote:


it's for some proof of concept.

how to check whether all the PTFs are up to date is there any command ?

it's actually already stored in some xml file (which is encrypted using
AES 128 algorithm) whose sample encoded data we tried to decrypt in
previous emails using SQL function previously then we got that SQL code
(-171) error there and this needs to be decrypted using AES 128 in AS400
program.



On Tue, Oct 1, 2019 at 3:16 PM Mark Waterbury <
mark.s.waterbury@xxxxxxxxxxxxx> wrote:

Rishi,


You still have not answered my questions about *why *you would want to do
such a thing as encrypting data using some web site, and then decrypt that
same data on the IBM i ... is this just a "proof of concept" or for your
own education?


What version / release of OS/400 or IBM i are you trying to do this on?
(Perhaps you mentioned this, somewhere in one of your many, many posts to
the list ... sorry if I "missed" that.)


Also, do you know if that system you are working on is kept "up to date"
with PTFs, CUMe PTFs and Group PTFs? This is important, because I ran into
a very similar issue to what you saw, the SQLCODE = -171, and this was when
I used SQL's encrypt_AES and decrypt_char "pair" ... :-o It happened on
V7R3 on a system that was not "up to date" on all the PTFs; on another
system at V7R3 with all the latest PTFs, it worked "fine."


Also, you can do what you ask below, if and only if the "data" that you
are trying to decrypt with e.g. SQL's decrypt_char was originally encrypted
with SQL's encrypt_AES function. (Not necessarily all done from within
the same program at the same time -- that encrypted data could be stored
somewhere, e.g. in a database file, and then retrieved later on, and then
decrypted at that time.)


I hope this helps to clear up some of your *many* questions.


Mark S. Waterbury

On Friday, September 27, 2019, 4:32:29 AM EDT, Rishi Seth <
rishiseth99@xxxxxxxxx> wrote:


Can we directly use decryption function without doing encryption
programmatic way as we already have encoded values we just need to decode
it i tried the same but getting below error :-

1 **free
2 dcl-s enc varchar(130);
3 dcl-s psw char(31) ccsid(37)
4 inz('6-9d15-ec98bcc81ec4275OIM1TS7LI');
5 dcl-s text char(88) ccsid(37);
6 text = 'u3VtNgfyWU9faZc3Iaa8ZWbE5UZCfmC17yA4MyW0ghflt9dNQNDp+
7 CcgMZiG/kXPE4vv2CHL93B4iKiODHxxdVA==';
8 // exec SQL Set :enc = encrypt_AES(:text, :psw);
9 // DSPLY SQLCODE;
10
11 exec SQL Set :enc = decrypt_char(:text,:psw);
12 DSPLY SQLCODE;
13 eval *inlr=*on;

*SQLCODE = -171*

On Wed, Sep 25, 2019, 19:29 Peter Dow <petercdow@xxxxxxxxx> wrote:

In addition, note that the field in question is defined with keyword
CCSID(37), so system value should not matter.

On 9/25/2019 5:44 AM, Mark Waterbury wrote:
Rob,

The system that I performed that test on, that is back-level on PTFs at
V7R3, has QCCSID=37.


I also performed the identical test on another V7R3 system that is "up
to date" on PTFs, and it ran just fine.


Mark


On Wednesday, September 25, 2019, 7:34:56 AM EDT, Rob Berendt <
rob@xxxxxxxxx> wrote:

Mark,

I think we've determined it's not the PTF's. It's the value of
DSPSYSVAL QCCSID.
Encryption hates 65535.

Rob Berendt



As an Amazon Associate we earn from qualifying purchases.

This thread ...

Follow-Ups:
Replies:

Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.