× The internal search function is temporarily non-functional. The current search engine is no longer viable and we are researching alternatives.
As a stop gap measure, we are using Google's custom search engine service.
If you know of an easy to use, open source, search engine ... please contact support@midrange.com.


  1.  Home
  2. RPG400-L
  3. March 2024

using Qc3EncryptData

Hello,

I have an authorisation process where there is encryption involved.
I am sending authorisation challenge and receiving back a timestamp. Then
time stamp (unix time) should be concatenate with "|" and token and
encrypted (RSA) with public key.
Encrypted token has to be included in an XML and send back to the service.

I am using Qc3EncryptData API for encryption and encrypted value seems to be
ok in terms of length and structure but it is not. I am receiving and error
that encryption is wrong.
I have tried to encrypt the same value (token and unix time) with some
online encryption tool and then paste it to my process and it works fine.
Probably there is an issue in calling the API or characters conversion but I
have no idea what to check more .

I would appreciate any suggestion what I am doing wrong or how to use the
API for encryption in this case.

Thank you
Szymon

This is just part for encryption. Encrypted value is inserted to XML tag and
send with HTTPAPI.

/copy BASE64_H

/copy QSYSINC/QRPGLESRC,QUSEC



//------------------------------------------------------------------------

// Variables

//------------------------------------------------------------------------



dcl-s wkToken char(512) ccsid(*utf8);

dcl-s wkPublicKey varchar(512);

dcl-ds *n;

wkEncryptedData char(32767);

wkOutData char(32767) ccsid(*utf8) overlay(wkEncrypteddata);

end-ds;

dcl-s wkOutDataLen int(10);

dcl-s wkRetDataLen int(10);

dcl-s UNIXtime int(20) inz(1710237888780);



//------------------------------------------------------------------------

// Constants

//------------------------------------------------------------------------

dcl-c pipeChar x'7C';

dcl-c cALGO_RSA_PUB 50; // Valid only for key description
KEYD0200. The key
dcl-c cKEY_FORMAT '1'; // format must be 1

dcl-c cPKCS_BLOCK_TYPE_02 '2';

dcl-c cCRYPTO_SERVICE '0';



//------------------------------------------------------------------------

// Prototypes and copy sources

//------------------------------------------------------------------------



dcl-pr Qc3EncryptData extproc('Qc3EncryptData');

clearData char(32767) const;

clearDataLen int(10) const;

clearDataFormat char(8) const;

algorithm like(dsQ3D0400) const;
algorithmFormat char(8) const;
key like(dsKey200) const;
keyFormat char(8) const;
cryptoProvider char(1) const;
cryptoDevice char(10) const options(*omit);
encryptedData char(32767);
encryptedDataLen int(10) const;
retEncryptedDataLen int(10);
QUSEC likeds(QUSEC);
end-pr;



// ALGD0400 Format

dcl-ds dsQ3D0400 qualified; //
ALGD0400
pubKeyCipherAlgorithm int(10); // Public
key cipher algor.
PKAblock char(1); // PKA
block format
reserved char(3); //
Reserved
signingHashAlgorithm int(10); // Signing
hash algorithm
end-ds;


// KEYD0200 Format

dcl-ds dsKey200 qualified; //
KEYD0200 Format
keyType int(10); // Key
type
keyStringLen int(10); // Key
string length
keyFormat char(1); // Key
format
reserved char(3); //
Reserved
keyString char(512) ccsid(*hex); // Key
string
end-ds;



wkToken =

'2278C406D2523A1B0CEFD54060562B151' +

'DB0E6AD3079040B28E5C17ABC01397A';

wkToken = %trimr(wkToken) + pipeChar + %char(UNIXtime);
// UNIXtime is fixed here just for the sake of example


wkPublicKey =

'MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuWosgHSpiRLadA0fQbzs' +

'hi5TluliZfDsJujPlyYqp6A3qnzS3WmHxtwgO58uTbemQ1HCC2qwrMwuJqR6l8tg' +

'A4ilBMDbEEtkzgbjkJ6xoEqBptgxivP/ovOFYYoAnY6brZhXytCamSvjY9KI0g0M' +

'cRk24pOueXT0cbb0tlwEEjVZ8NveQNKT2c1EEE2cjmW0XB3UlIBqNqiY2rWF86Dc' +

'uFDTUy+KzSmTJTFvU/ENNyLTh5kkDOmB1SY1Zaw9/Q6+a4VJ0urKZPw+61jtzWmu' +

'cp4CO2cfXg9qtF6cxFIrgfbtvLofGQg09Bh7Y6ZA5VfMRDVDYLjvHwDYUHg2dPIk' +

'0wIDAQAB';



dsQ3D0400 = *allx'00';

dsQ3D0400.pubKeyCipherAlgorithm = cALGO_RSA_PUB;

dsQ3D0400.PKAblock = cPKCS_BLOCK_TYPE_02;



dsKey200 = *allx'00';

dsKey200.keyType = cALGO_RSA_PUB;

dsKey200.keyFormat = cKEY_FORMAT;

dsKey200.keyStringLen = base64_decode(%addr(wkPublicKey: *data):
%len(wkPublicKey):
%addr(dsKey200.keyString):
%size(dsKey200.keyString));

Qc3EncryptData(wkToken:
%len(%trimr(wkToken)):
'DATA0100':
dsQ3D0400:
'ALGD0400':
dsKey200:
'KEYD0200':
cCRYPTO_SERVICE:
*OMIT:
wkEncryptedData:
%size(wkEncryptedData):
wkRetDataLen:
QUSEC);


wkOutDataLen = base64_encode(%addr(wkEncryptedData):
wkRetDataLen:
%addr(wkEncryptedData):
%size(wkEncryptedData));

*INLR = *On;
Return;



As an Amazon Associate we earn from qualifying purchases.

This thread ...
Follow-Ups:
Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.