Question
· Sep 20, 2023
Size limit for Base64Decode

Hi Community,

Can I please check what the size limit for the parameter in $SYSTEM.Encryption.Base64Decode() method ?

I have a 12 page base64 encoded PDF document, which is failing when decoded. I am getting the error below:

ERROR <Ens>ErrException: <ILLEGAL VALUE>zXSDToLogical+1^%Library.Binary.1 -- logged as '-' number - @''

OBX:5 size=4233781

I tried the below from terminal, but it is not able copy the whole string for the parameter so couldn't execute it.

0 4
0 390

So I have a base string that I want to sign using RSA-SHA256. I have a .p12 file and passphrase to get the RSA Private key using NodeJS (pem.readPkcs12 library), which I don't know how to do that in intersystems as well. (would appreciate if you can include a solution for that too)

The main problem here is I am trying to sign a string and print the result to terminal, using the code below in a routine (.mac file).

0 2
0 599

Hi All,

Hopefully someone can help me with this case. I need to encrypt a text(querystring) with an AES265 encryption. An other vendor is decrypting this information. I have a working class in C#. I've tried to build the same in Objectscript for the encrypt part but there's a missing link somewhere. What's the difference between the C# and Objectscript implementation?

Objectscript code (until now):

0 7
0 614

Credentials for a Productions are stored as plain text in ^Ens.SecondaryData.Password and exposed as plain text via SQL table Ens_Config.Credentials which is not ideal as only admins should know the credentials.

I can create my own adapter etc... to store and use encrypted passwords but does anyone know if there is a standard way to do this in a Production?

Alternatively, am I missing how to secure this so the production can run and someone can monitor and operate a production without access to the SQL table or global?

1 2
2 494
Question
· Dec 2, 2021
SNN Encryption

I need to store an equivalent of the SNN (Social Security number). I need it to be encrypted and I'll have to be able to search for it once stored.

For what I've seen my options are:

- SHAHash from the %system.encryption library. Simple and easy to implement. My question is, might collisions be a problem? We are talking about a 10 millions entry.

- AES encryption. In this case I'd like to know if there is a standard way for key management in the InterSystems environment.

0 2
0 324

I would like to know if an encrypted caché database can run significantly slower than a normal "unencrypted" database, in a way that is noticeable to the end user (e.g. slower response time for most pages, especially the ones that rely on read/writing to globals).

I searched in Intersystems knowledge base and couldn't find anything related. I'm looking for possible before/after benchmarks.

0 3
0 300

Can the built-in $System.Encryption.TOTP() function be used in conjunction with Authenticator Apps (e.g. Google, Microsoft, and so on)?

Providing the same secret/key to a variety of authentication apps, they all return the same synchronized value. However, passing the same secret/key to $System.Encryption.TOTP() is generating a different value (with all instances executing at the same time for comparison).

0 1
0 249

Now I want to return a large amount of data to the front end. The string length has reached 40000 +, and the returned data needs to be encrypted by AES + Base64. I can convert the string into a stream. AES can use the AESCBCEncryptStream method to encrypt, but Base64 has no stream method。Anyone who get the solution would you kindly share the solution please。

Any help would be appreciated. Thanks!

1 10
0 14.5K

I am using the Java Binding to connect a Java Middleware Application to Cache. Originally I was using a CacheListOfDataTypes (JAVATYPE = "java.lang.List") object to bring data back. I was tasked with encrypting the data using AES and I was using the AESCBCEncrypt function on the List elements (up to 20k characters for each element) to bring it back before concatenating it on the middleware. This almost worked. Like 95% of the characters were being decrypted correctly but some text was coming back garbled. I couldn't understand how this was happening.

0 3
1 479

Thanks for all replies in advance. We have a security vulnerability that we have to get rid of. We use Putty software to connect to cache as a terminal allowing several users to do maintenance work in cache. this uses telnet Plain text. I know that we can configure telnet to be encrypted using the super server service and I'm looking for software that can work like Putty as a terminal using encryption compatible with cache telnet encryption. If I have cache installed on my PC and setup a connection to the server using Kerberos with encryption and use the terminal option to connect to

0 5
0 865

Hi,

I have a client who is considering encryption options in order to comply with a tendering requirement.

Were they to encrypt the production database then what would be a reasonable expectation forthe impact on message throughput. Or possibly more easily answered: what would be the expected impact be on I/O rate and CPU utilization. Are there any benchmarks to which could support an estimate ?

How would this compare with plan B: to use disk encryption ?

Thanks

0 3
0 490

Hello,

Sorry for my epic english :(

I have a strange issue.

I have generated an encryption key with the tool (UI.Portal.EncryptionCreate.zen).

Then I activate my key for data encryption (UI.Portal.EncryptionManaged) and encryption work fine.

But when I reboot my server the key is removed from the data encryption key list (UI.Portal.EncryptionManaged) and I have to re-activate the key.

Perhaps somebody have an idee ?

Cache version : Cache for Windows (x86-64) 2016.2.2 (Build 853U)

Windows: Windows Server 2012 R2 Standard

0 2
0 366

Hello; We are managing several Ensemble instances on several servers. One server has 4 instances, and two other servers have one instance each (those are production servers). We encrypt all instances using the Caché encryption in the management portal.

Currently we are using two different encryption keys: 1 key on the server with 4 instances, which is used for all 4 instances, and a second key on single-instance server. ( I'm installing the newest production server now.)

1 1
0 640
Question
· Aug 4, 2017
AES Encryption

Trying to use AES encryption for a url. I have a plain text string, a 16-byte key and a initialization vector. I am trying to match a C# implementation that uses RijndaelManaged class with a BlockSize = 128, Mode = CipherMode.CBC, Padding = PaddingMode.PKCS7. The output of the $SYSTEM.Encryption.AESCBCEncrypt(text,key,IV), doesn't match what is coming out of C#. All inputs into the $SYSTEM.Encryption.AESCBCEncrypt(text,key,IV) are converted to UTF8 as in the documentation.

0 5
0 1.7K

Hi,

I have a situation where I write a character stream to a file. The file content gets signed and the signature is sent to a service provider together with the file content.

The signing is done using openssl.

This works perfectly on a dev PC, which is runnning Windows and has a little-endian architecture.

The problem is as soon as I do this on the server, which has a big-endian architecture, the signed value is incorrect according to the service provider.

The content is signed using RSA SHA256 with PSS padding.

0 8
0 3.2K

I'm currently re-engineering an application from CSP pages directly accessing COS Methods, to an Angular/Material front end accessing a REST DAL. Both the Angular front end and REST services are hosted from the same Caché instance and the same namespace, but the REST services have their own CSP application, with all calls being routed through a Dispatch class.

0 5
0 548