I'm not sure you want to use a trigger for this type of application. You could certainly encrypt the field using a trigger on update/write, but the read trigger doesn't allow you to alter the buffer delivered to the application (at least the last I looked) and so you would still need application awareness to decrypt the data.
The APIs and the cipher instruction, where they overlap, are accessing common function found in the Licensed Internal Code. If it was me, I would tend to go the Qc3 API route only because the APIs provide quite a bit more in the way of documentation. I generally use MI only when there is no suitable alternative. And while IBM supports the use of both MI and System APIs, the support tends to be more readily at hand with APIs as MI just isn't used all that much.
SQL could certainly be used for this. But if you are not currently using SQL I'm not sure that I would change over to it for a one time application enhancement.
Bruce
http://www.brucevining.com/
Providing integrated solutions for the System i user community
Mike Cunningham <mcunning@xxxxxxx> wrote:
True, and that is where I might put it since I do want it to be always encrypted but I still need to figure out if I do the trigger with _cipher or Qc3 APIs. I don't think the SQL method would work in a trigger
-----Original Message-----
From: rpg400-l-bounces@xxxxxxxxxxxx [mailto:rpg400-l-bounces@xxxxxxxxxxxx] On Behalf Of rob@xxxxxxxxx
Sent: Tuesday, March 25, 2008 3:36 PM
To: RPG programming on the AS400 / iSeries
Subject: Re: _cipher API vs Qc3Encrypt/Qc3DecryptData vs SQL
Is there a way to determine if a field has already been encrypted? If so,
then the encryption could be in the trigger associated with that file.
Rob Berendt
--
Group Dekko Services, LLC
Dept 01.073
Dock 108
6928N 400E
Kendallville, IN 46755
http://www.dekko.com
Mike Cunningham
Sent by: rpg400-l-bounces@xxxxxxxxxxxx
03/25/2008 03:32 PM
Please respond to
RPG programming on the AS400 / iSeries
To
"'RPG Midrange'"
cc
Subject
_cipher API vs Qc3Encrypt/Qc3DecryptData vs SQL
I am working on my first application that needs to use Triple DES
encryption to encrypt a single field in a database. I found an example of
doing this using the _cipher mi API and the Qc3.. APIs and SQL. Is there
any difference between the three methods I found to encrypt data?
Obviously the SQL method would require me to do SQL inserts instead of
writes. Is there any difference between the two different APIs? _cipher
looks like it can do both where the Qc3 apis have one for each direction.
--
This is the RPG programming on the AS400 / iSeries (RPG400-L) mailing list
To post a message email: RPG400-L@xxxxxxxxxxxx
To subscribe, unsubscribe, or change list options,
visit:
http://lists.midrange.com/mailman/listinfo/rpg400-l
or email: RPG400-L-request@xxxxxxxxxxxx
Before posting, please take a moment to review the archives
at
http://archive.midrange.com/rpg400-l.
--
This is the RPG programming on the AS400 / iSeries (RPG400-L) mailing list
To post a message email: RPG400-L@xxxxxxxxxxxx
To subscribe, unsubscribe, or change list options,
visit:
http://lists.midrange.com/mailman/listinfo/rpg400-l
or email: RPG400-L-request@xxxxxxxxxxxx
Before posting, please take a moment to review the archives
at
http://archive.midrange.com/rpg400-l.
As an Amazon Associate we earn from qualifying purchases.