Encryption and decryption of files.

[JamesBowen]

If I encrypt a file by using the copy-lob function into a memptr. Run the memptr through encrypt function under 10.1B. Then used the copy-lob function again to copy the memptr to file. What linux/windows command line tool(s) can I use to decrypt that file from the OS?

I know my example to very simple and I did not even mentioned the word password, PBE-KEY, or encryption algorithm. But I am just trying a to explain a scenario.

Currently I am encrypting and decrypting files from OE 10.1B with no problems. The problem I am having is I don't know what is the best method for being able to decrypt files from the OS.

Any takers.

 

[dayv2005]

If I encrypt a file by using the copy-lob function into a memptr. Run the memptr through encrypt function under 10.1B. Then used the copy-lob function again to copy the memptr to file. What linux/windows command line tool(s) can I use to decrypt that file from the OS?

I know my example to very simple and I did not even mentioned the word password, PBE-KEY, or encryption algorithm. But I am just trying a to explain a scenario.

Currently I am encrypting and decrypting files from OE 10.1B with no problems. The problem I am having is I don't know what is the best method for being able to decrypt files from the OS.

Any takers.

i know this isnt what you are asking but i found this the other day looking around i figured id post it in case you wanted a look. It was one of the fastest base64 encryptions on a peg comp.

 

[JamesBowen]

Thanks for the base64 encoder function I was using that very function about 5 years ago when I was attaching files to email.

Now OE 10.+ has a base64 encoder/decoder built-in, that function is almost defunct. Thanks anyway.:awink:



Also I have been doing a little bit more research and I have come across a gpg command line tool (p.s. I am not a linux guru). Could I use th gpg command handle encrypted files created by progress?

 

[joey.jeremiah]

without doing my homework on the subject, although, i have used the built-in encryption/decryption features.

progress uses industry standard encryption algorithms and there *shouldn't* be anything progress specific about them.

in the on-line help lookup the supported and the specific encryption algorithms you're using and search for a util, product or other that supports these algorithm.

i'd be interested to hear what you came up.

 

[JamesBowen]

Quick Update.

I think using openssl to handle encryption & decryption of files from the OS "should be compatible" with OpenEdge's internal encrypt/decrypt functionality.

However I am still unable to decrypt a file from the OS which was created by the ABL.

http://www.openssl.org/

 

[JamesBowen]

Details:
OS Centos 6.3
OE 11.1

Well after many years I still have not got a solution to this problem, however I do feel I'm very close to getting a solution. Here is a simple code example of encrypting some text into a encrypted file.

Now I've found a Linux command line tool called aespipe. But When I try and executed using the encrypted file generated from the code below it fails with a Segmentation fault .

If I use the the command line tool on its own to encrypt and decrypt files it works. So what do I need to change to make the OE encrypt function work with the aespipe command line tool?

DEFINE VARIABLE mpData AS MEMPTR      NO-UNDO.
DEFINE VARIABLE mpEncrypted AS MEMPTR      NO-UNDO.
DEFINE VARIABLE chOutputFile AS CHARACTER   NO-UNDO.
DEFINE VARIABLE chPassword AS CHARACTER   NO-UNDO.

DEFINE VARIABLE chPlainText AS CHARACTER   NO-UNDO.

chOutputFile = 'encrypted-file.aes'.
chPlainText = "I've got something I want to encrypt....".
chPassword = "Migratory Blueberries".   

SET-SIZE(mpData) = 0.
SET-SIZE(mpData) = LENGTH(chPlainText,'RAW') + 1.

PUT-STRING(mpData,1) = chPlainText.

SECURITY-POLICY:SYMMETRIC-ENCRYPTION-ALGORITHM = "AES_CBC_256".
SECURITY-POLICY:PBE-KEY-ROUNDS = 2000.
SECURITY-POLICY:PBE-HASH-ALGORITHM = 'SHA-512'.
SECURITY-POLICY:ENCRYPTION-SALT = ?.

SECURITY-POLICY:SYMMETRIC-ENCRYPTION-KEY = GENERATE-PBE-KEY (chPassword).
SECURITY-POLICY:SYMMETRIC-ENCRYPTION-IV  = ?.

mpEncrypted = ENCRYPT(mpData).

COPY-LOB FROM OBJECT mpEncrypted TO FILE chOutputFile.

SET-SIZE(mpData) = 0.
SET-SIZE(mpEncrypted) = 0.

aespipe command line test

aespipe -v -H sha512 -d -e AES256 < encrypted-file.aes > decrypted.txt
Password:
aespipe: x86 assembler AES, 256 key bits, decrypting, single-key mode
Segmentation fault (core dumped)

More details about aespipe here http://pwet.fr/man/linux/commandes/aespipe

 

[JamesBowen]

Success

I've managed to use OpenSSL to decrypt a file which was generated by the ABL. The code below is simple where it encrypts a string to a file and then using OpenSSL (aka. sslc in the OpenEdge/bin directory) to decrypt the file to a readable text file.

The problem I was having was that I was trying to use the plain clear text password to decrypt, when in fact I should of been using the generated key which is based upon the clear text password.

DEFINE VARIABLE mpData              AS MEMPTR      NO-UNDO.
DEFINE VARIABLE mpEncrypted         AS MEMPTR      NO-UNDO.
DEFINE VARIABLE chOutputFile        AS CHARACTER   NO-UNDO.
DEFINE VARIABLE chPassword          AS CHARACTER   NO-UNDO.
DEFINE VARIABLE rPBEKey             AS RAW       NO-UNDO.
DEFINE VARIABLE chhexkey            AS CHARACTER   NO-UNDO.
DEFINE VARIABLE SOSCOMMAND          AS CHARACTER   NO-UNDO.
DEFINE VARIABLE chPlainText         AS CHARACTER   NO-UNDO.

chOutputFile = 'encrypted-file.aes'.
chPlainText = "I've got something I want to encrypt.... " + STRING(NOW).
chPassword = "password".   

SET-SIZE(mpData)        = 0.
SET-SIZE(mpData)        = LENGTH(chPlainText,'RAW') + 1.
PUT-STRING(mpData,1)    = chPlainText.

SECURITY-POLICY:SYMMETRIC-ENCRYPTION-ALGORITHM = 'AES_CBC_256':U.
SECURITY-POLICY:PBE-KEY-ROUNDS                 = 1000.
SECURITY-POLICY:PBE-HASH-ALGORITHM             = 'SHA-512':U.
SECURITY-POLICY:ENCRYPTION-SALT                = ?.


rPBEKey = GENERATE-PBE-KEY (chPassword).
chhexkey = HEX-ENCODE(rPBEKey).

/*UPDATE chhexkey format "x(64)". */ /** Used for debuguing..**/

SECURITY-POLICY:SYMMETRIC-ENCRYPTION-KEY = rPBEKey.
SECURITY-POLICY:SYMMETRIC-ENCRYPTION-IV  = ?.   /** Zero Postion. ABL DEFAULT. */

mpEncrypted = ENCRYPT(mpData).

COPY-LOB FROM OBJECT mpEncrypted TO FILE chOutputFile NO-CONVERT.

SET-SIZE(mpData)        = 0.
SET-SIZE(mpEncrypted)   = 0.

/** Delete the old file if it exists.....**/
IF SEARCH(chOutputFile + '.dec') NE ? THEN
    OS-DELETE VALUE(chOutputFile + 'dec').

/*** time to decrypt **/
SOSCOMMAND = SUBSTITUTE("&3sslc enc -d -aes-256-cbc -K &1 -iv 0 -in &2 -out &2.dec",
                        chhexkey,
                        chOutputFile,
                        'C:\progress\OpenEdge111\bin\'). /** Change the progress path installation here... **/

OS-COMMAND SILENT VALUE(SOSCOMMAND).

IF SEARCH(chOutputFile + '.dec') NE ? THEN
    MESSAGE 'Decrypted File Created. Check it out!'
        VIEW-AS ALERT-BOX INFO.