The Uniface library will be updated:
For TWOFISH, the key length is '16,24,32 bytes' not '1 to 32 bytes'.
There is also similar change for blowfish.
For BLOWFISH, the key length is '4 to 56 bytes' instead of '1 to 56 bytes'.
------------------------------
Peter Beugel
Rocket Internal - All Brands
Amsterdam NL
------------------------------
Original Message:
Sent: 06-06-2024 05:05
From: Peter Beugel
Subject: $encode/$decode "TWOFISH": a little warning
Hello Ingo
Lets handle this further via the support case.
An issue will be created for this.
The change is due to a tightened-up security measure and the advise for users is to change/upgrade their encryption keys
------------------------------
Peter Beugel
Rocket Internal - All Brands
Amsterdam NL
Original Message:
Sent: 06-05-2024 03:51
From: Ingo Stiller
Subject: $encode/$decode "TWOFISH": a little warning
Hi Peter
Maybe, who knows about the "dubious" ways Uniface and the encryption algorithms are used here? *grin*
And as I wrote, it is not a big problem as you just have to pad you key to a length of 16, 24 or 32.
My thread at the beginning was only meant as a hint to others: "If you have a problem with TWOFISH, have a look at the key length". :-)
Ingo
------------------------------
Ingo Stiller
Aareon Deutschland GmbH
Original Message:
Sent: 06-04-2024 10:35
From: Peter Beugel
Subject: $encode/$decode "TWOFISH": a little warning
Hello Ingo
Probably it has to do with
https://community.rocketsoftware.com/discussion/rocket-uniface-10402-034-released
New Feature(s)
- Elliptic Curve Cryptography is now supported in $encode and $decode functions, with three schemes: ECIES, ECDSA and Ed25519.
-
- Uniface supports a new algorithm in functions $encode and $decode: Base64URL, which makes URL encoding simpler and more efficient.
------------------------------
Peter Beugel
Rocket Internal - All Brands
Amsterdam NL
Original Message:
Sent: 06-04-2024 02:40
From: Ingo Stiller
Subject: $encode/$decode "TWOFISH": a little warning
Hi Freaks
I have just installed UnifAce 10.4.2.0-049 for testing.
And the first problem was that encryption for internal, short-term critical content no longer worked.
It turned out that $encode/$decode with "TWOFISH" now checks the key length more precisely. Instead of padding the key with zeros(?) the key length must be 16, 24 or 32.
In UnifAce 10.4.2.0-018 it could be any key length
BTW: The documentation about "Block Ciphers" for UnifAce 10.4.2.0-049 also has a bug.
In 10.4.2.0-018 there was still the superscript number 2) which indicated that the length will be padded.
In 10.4.2.0-049 there is still a 2, but it is no longer clickable and no longer refers to an explanation
Ingo
------------------------------
Ingo Stiller
Aareon Deutschland GmbH
------------------------------