AES decryption in RPG

Hi, I'm scratching my head over this one. I suspect it's a cccsid and I've
thrown a variety of conversions at it and lost out. Does anyone have any
experience with AES decoding in RPG please?

Thanks in advance !

If I go to a website such as
https://www.devglan.com/online-tools/aes-encryption-decryption and enter a
simple test to encrypt a string, I want to decrypt it in RPG on the
iSeries.

My Test is as follows:

On the website:

Text to encrypt = TEST
mode ECB
No Padding
Key size 256
Secret Key 11111111111111111111111111111111

The Base64 result is 496QM9dt3+pzckI4U5oKAQ==

Now if I use these values in my program, Base64-decode the input, then pass
the result into Qc3DecryptData the result is not 'TEST' :

Result:
[image: image.png]

Here's the program listing:
* CRTRPGMOD TESTDC

* CRTPGM PGM(lib/TESTDC) BNDSRVPGM(QC3DTAEN QC3PRNG)

*

H DEBUG OPTION(*SRCSTMT:*NODEBUGIO)

H DFTACTGRP(*NO) ACTGRP(*NEW) BNDDIR('HTTPAPI':'BASE64')



/copy BASE64_H

/copy httpapi_h



/******************************************************************

/* Interface:



D TESTDC PR ExtPgm('TESTDC')

D input 100A

D textdec 100A

D msg 256A

D TESTDC PI

D input 100A

D textdec 100A

D Msg 256A

D



//****************************************************************

// Procedure def:



// Decrypt Data (OPM, QC3DECDT; ILE, Qc3DecryptData) API

// Restores encrypted data to a clear (intelligible) form.

// ---------------------------------------------------------------

D Qc3DecryptData Pr ExtPgm('QC3DECDT')

D encryptedData 100a

D encryptedDtaL 10I 0

D algorithm like(QC3D0200)

D algorithmFmt 8

D key like(keyC)

D keyFmt 8

D srvProvider 1

D deviceName 10

D clrDta 100a

D clrDtaBufL 10I 0

D clrDtaRtnL 10I 0

D errcde like(APIERR)



//****************************************************************

// Data Structures:



//ALGD0200 algorithm description structure

//Qc3 Format ALGD0200

// -----------------------------------------

DQC3D0200 DS

// Block Cipher Alg:

D QC3BCA 1 4B 0

// Block Length:

D QC3BL 5 8B 0

// Mode:

D QC3MODE 9 9

// Pad Option:

D QC3PO 10 10

// Pad Character:

D QC3PC 11 11

// Reserved:

D QC3ERVED 12 12

// MAC Length:

D QC3MACL 13 16B 0

// Eff Key Size:

D QC3EKS 17 20B 0

// Init Vector:

D QC3IV 21 52



//****************************************************************



// KEYD0200 key description format structure

// Qc3 Format KEYD0200

// -----------------------------------------

DQC3D020000 DS

// Key Type:

D QC3KT 1 4B 0

// Key String Len:

D QC3KSL 5 8B 0

// Key Format:

D QC3KF 9 9

// Reserved:

D QC3ERVED02 10 12 inz(x'000000')



//****************************************************************



// API error structure

// -------------------

D APIERR DS

D ERRPRV 10I 0 INZ(272)

D ERRLEN 10I 0

D EXCPID 7A

D RSRVD2 1A

D EXCPDT 256A

D



//****************************************************************

// Working Vars:



D B64Outlen S 10I 0

D encryptedData S 100a

D encryptedDtaL S 10I 0

D algorithm S like(QC3D0200)

D algorithmFmt S 8 inz('ALGD0200')

D key S like(KeyC)

D keyFmt S 8 inz('KEYD0200')

D srvProvider S 1 inz('1')

D deviceName S 10 inz(*blanks)

D clrDta S 100a

D clrDtaBufL S 10I 0

D clrDtaRtnL S 10I 0



D KeyString S 256

D KeyC S 256

dcl-s txtOut char(50) ccsid(37);

//****************************************************************

// Main:



/free



// Base64 Decode the input string:

// ------------------------------



input='496QM9dt3+pzckI4U5oKAQ==';



B64Outlen = base64_decode( %addr(input)

: %size(%trimr(input))

: %addr(encryptedData)

: %size(encryptedData));





// AES-Decrypt the Base-64 decoded output:



// Set up QC3D0200 algorithm

// -------------------------

// ------- B E G I N -------



// Block cipher algorithm (22 is AES)

QC3BCA = 22;



// Block length (16 is AES)

QC3BL = 16;



// Mode (ECB=0,CBC=1)

QC3MODE = '0';



// Pad Option 1 - Use the char specified in the pad character field

QC3PO = '0';



// Pad Character

QC3PC = X'00';



// Reserved

QC3ERVED = X'00';



// MAC Length - not used - set to null(binary 0s)

QC3MACL = X'00000000';



// Effective key size - must be set to 0.

QC3EKS = 0;



// Initialization vector

// The initialization vector (IV). An IV is not used for mode ECB,

// and must be set to NULL (binary 0s).

QC3IV = *AllX'00';



algorithm = QC3D0200;



// --------- E N D ---------

// Set up QC3D0200 algorithm

// -------------------------



// Set up QC3D0200 Key

// -------------------

// ---- B E G I N ----



// Key Type (KeyFormat 0, KeyLength =32)

// 22 AES

QC3KT = 22;



// Key Format

QC3KF = '0';



// Key String

KeyString ='11111111111111111111111111111111';



// Key Length (AES type 22 has length 32)

QC3KSL = %len(%trimr(KeyString));



KeyC = QC3D020000 + %trimr(KeyString);

Key = KeyC;



// ------ E N D ------

// Set up QC3D0200 Key

// -------------------



// encrypted data= base64-decrypted result



encryptedDtaL = %len(%trimr(encryptedData));

clrDtaBufL= %size(ClrDta);



callP Qc3DecryptData( encryptedData :

encryptedDtaL :

algorithm :

algorithmFmt :

key :

keyFmt :

srvProvider :

deviceName :

clrDta :

clrDtaBufL :

clrDtaRtnL :

APIERR

);

If ERRLEN > 0;

msg = EXCPID;

EndIf;



txtOut = clrDta;



*InLr = *On;