Hi Freaks
I have just installed UnifAce 10.4.2.0-049 for testing.
And the first problem was that encryption for internal, short-term critical content no longer worked.
It turned out that $encode/$decode with "TWOFISH" now checks the key length more precisely. Instead of padding the key with zeros(?) the key length must be 16, 24 or 32.
In UnifAce 10.4.2.0-018 it could be any key length
BTW: The documentation about "Block Ciphers" for UnifAce 10.4.2.0-049 also has a bug.
In 10.4.2.0-018 there was still the superscript number 2) which indicated that the length will be padded.
In 10.4.2.0-049 there is still a 2, but it is no longer clickable and no longer refers to an explanation
Ingo
------------------------------
Ingo Stiller
Aareon Deutschland GmbH
------------------------------
Hello Ingo
Probably it has to do with
https://community.rocketsoftware.com/discussion/rocket-uniface-10402-034-released
New Feature(s)
- Elliptic Curve Cryptography is now supported in $encode and $decode functions, with three schemes: ECIES, ECDSA and Ed25519.
-
- Uniface supports a new algorithm in functions $encode and $decode: Base64URL, which makes URL encoding simpler and more efficient.
------------------------------
Peter Beugel
Rocket Internal - All Brands
Amsterdam NL
------------------------------
Hello Ingo
Probably it has to do with
https://community.rocketsoftware.com/discussion/rocket-uniface-10402-034-released
New Feature(s)
- Elliptic Curve Cryptography is now supported in $encode and $decode functions, with three schemes: ECIES, ECDSA and Ed25519.
-
- Uniface supports a new algorithm in functions $encode and $decode: Base64URL, which makes URL encoding simpler and more efficient.
------------------------------
Peter Beugel
Rocket Internal - All Brands
Amsterdam NL
------------------------------
Hi Peter
Maybe, who knows about the "dubious" ways Uniface and the encryption algorithms are used here? *grin*
And as I wrote, it is not a big problem as you just have to pad you key to a length of 16, 24 or 32.
My thread at the beginning was only meant as a hint to others: "If you have a problem with TWOFISH, have a look at the key length". :-)
Ingo
------------------------------
Ingo Stiller
Aareon Deutschland GmbH
------------------------------
Hi Peter
Maybe, who knows about the "dubious" ways Uniface and the encryption algorithms are used here? *grin*
And as I wrote, it is not a big problem as you just have to pad you key to a length of 16, 24 or 32.
My thread at the beginning was only meant as a hint to others: "If you have a problem with TWOFISH, have a look at the key length". :-)
Ingo
------------------------------
Ingo Stiller
Aareon Deutschland GmbH
------------------------------
Hello Ingo
Lets handle this further via the support case.
An issue will be created for this.
The change is due to a tightened-up security measure and the advise for users is to change/upgrade their encryption keys
------------------------------
Peter Beugel
Rocket Internal - All Brands
Amsterdam NL
------------------------------
Hello Ingo
Lets handle this further via the support case.
An issue will be created for this.
The change is due to a tightened-up security measure and the advise for users is to change/upgrade their encryption keys
------------------------------
Peter Beugel
Rocket Internal - All Brands
Amsterdam NL
------------------------------
The Uniface library will be updated:
For TWOFISH, the key length is '16,24,32 bytes' not '1 to 32 bytes'.
There is also similar change for blowfish.
For BLOWFISH, the key length is '4 to 56 bytes' instead of '1 to 56 bytes'.
------------------------------
Peter Beugel
Rocket Internal - All Brands
Amsterdam NL
------------------------------
