Uniface User Forum

Hi Freaks

I have just installed UnifAce 10.4.2.0-049 for testing.
And the first problem was that encryption for internal, short-term critical content no longer worked.
It turned out that $encode/$decode with "TWOFISH" now checks the key length more precisely. Instead of padding the key with zeros(?) the key length must be 16, 24 or 32.
In UnifAce 10.4.2.0-018 it could be any key length

BTW: The documentation about "Block Ciphers"  for UnifAce 10.4.2.0-049 also has a bug.
In 10.4.2.0-018 there was still the superscript number 2) which indicated that the length will be padded.
In 10.4.2.0-049 there is still a 2, but it is no longer clickable and no longer refers to an explanation

Ingo

Hello Ingo

Probably it has to do with

https://community.rocketsoftware.com/discussion/rocket-uniface-10402-034-released

New Feature(s)

• Elliptic Curve Cryptography is now supported in $encode and $decode functions, with three schemes: ECIES, ECDSA and Ed25519.
•  
• Uniface supports a new algorithm in functions $encode and $decode: Base64URL, which makes URL encoding simpler and more efficient.

Hi Freaks

I have just installed UnifAce 10.4.2.0-049 for testing.
And the first problem was that encryption for internal, short-term critical content no longer worked.
It turned out that $encode/$decode with "TWOFISH" now checks the key length more precisely. Instead of padding the key with zeros(?) the key length must be 16, 24 or 32.
In UnifAce 10.4.2.0-018 it could be any key length

BTW: The documentation about "Block Ciphers"  for UnifAce 10.4.2.0-049 also has a bug.
In 10.4.2.0-018 there was still the superscript number 2) which indicated that the length will be padded.
In 10.4.2.0-049 there is still a 2, but it is no longer clickable and no longer refers to an explanation

Ingo

Hi Peter

Maybe, who knows about the "dubious" ways Uniface and the encryption algorithms are used here? *grin*
And as I wrote, it is not a big problem as you just have to pad you key to  a length of 16, 24 or 32.
My thread at the beginning was only meant as a hint to others: "If you have a problem with TWOFISH, have a look at the key length". :-)

Ingo

Hello Ingo

Probably it has to do with

https://community.rocketsoftware.com/discussion/rocket-uniface-10402-034-released

New Feature(s)

• Elliptic Curve Cryptography is now supported in $encode and $decode functions, with three schemes: ECIES, ECDSA and Ed25519.
•  
• Uniface supports a new algorithm in functions $encode and $decode: Base64URL, which makes URL encoding simpler and more efficient.

Hi Freaks

I have just installed UnifAce 10.4.2.0-049 for testing.
And the first problem was that encryption for internal, short-term critical content no longer worked.
It turned out that $encode/$decode with "TWOFISH" now checks the key length more precisely. Instead of padding the key with zeros(?) the key length must be 16, 24 or 32.
In UnifAce 10.4.2.0-018 it could be any key length

BTW: The documentation about "Block Ciphers"  for UnifAce 10.4.2.0-049 also has a bug.
In 10.4.2.0-018 there was still the superscript number 2) which indicated that the length will be padded.
In 10.4.2.0-049 there is still a 2, but it is no longer clickable and no longer refers to an explanation

Ingo

Hello Ingo

Lets handle this further via the support case.

An issue will be created for this.

The change is due to a tightened-up security measure and the advise for users is to change/upgrade their encryption keys

Hi Peter

Maybe, who knows about the "dubious" ways Uniface and the encryption algorithms are used here? *grin*
And as I wrote, it is not a big problem as you just have to pad you key to  a length of 16, 24 or 32.
My thread at the beginning was only meant as a hint to others: "If you have a problem with TWOFISH, have a look at the key length". :-)

Ingo

Hello Ingo

Probably it has to do with

https://community.rocketsoftware.com/discussion/rocket-uniface-10402-034-released

New Feature(s)

• Elliptic Curve Cryptography is now supported in $encode and $decode functions, with three schemes: ECIES, ECDSA and Ed25519.
•  
• Uniface supports a new algorithm in functions $encode and $decode: Base64URL, which makes URL encoding simpler and more efficient.

Hi Freaks

I have just installed UnifAce 10.4.2.0-049 for testing.
And the first problem was that encryption for internal, short-term critical content no longer worked.
It turned out that $encode/$decode with "TWOFISH" now checks the key length more precisely. Instead of padding the key with zeros(?) the key length must be 16, 24 or 32.
In UnifAce 10.4.2.0-018 it could be any key length

BTW: The documentation about "Block Ciphers"  for UnifAce 10.4.2.0-049 also has a bug.
In 10.4.2.0-018 there was still the superscript number 2) which indicated that the length will be padded.
In 10.4.2.0-049 there is still a 2, but it is no longer clickable and no longer refers to an explanation

Ingo