$encode/$decode "TWOFISH": a little warning

Hi Freaks

I have just installed UnifAce 10.4.2.0-049 for testing.
And the first problem was that encryption for internal, short-term critical content no longer worked.
It turned out that $encode/$decode with "TWOFISH" now checks the key length more precisely. Instead of padding the key with zeros(?) the key length must be 16, 24 or 32.
In UnifAce 10.4.2.0-018 it could be any key length

BTW: The documentation about "Block Ciphers"  for UnifAce 10.4.2.0-049 also has a bug.
In 10.4.2.0-018 there was still the superscript number 2) which indicated that the length will be padded.
In 10.4.2.0-049 there is still a 2, but it is no longer clickable and no longer refers to an explanation

Ingo

Hello Ingo

Probably it has to do with

https://community.rocketsoftware.com/discussion/rocket-uniface-10402-034-released

New Feature(s)

• Elliptic Curve Cryptography is now supported in $encode and $decode functions, with three schemes: ECIES, ECDSA and Ed25519.
•  
• Uniface supports a new algorithm in functions $encode and $decode: Base64URL, which makes URL encoding simpler and more efficient.

Hi Peter

Maybe, who knows about the "dubious" ways Uniface and the encryption algorithms are used here? *grin*
And as I wrote, it is not a big problem as you just have to pad you key to  a length of 16, 24 or 32.
My thread at the beginning was only meant as a hint to others: "If you have a problem with TWOFISH, have a look at the key length". :-)

Ingo

Hello Ingo

Lets handle this further via the support case.

An issue will be created for this.

The change is due to a tightened-up security measure and the advise for users is to change/upgrade their encryption keys