1

I am extracting some data from a UNIVERSE system and want to encrypt it for transfer via email.

I am no UNIVERSE expert so am using bits and pieces we have found from around the internet and it "looks" like it is working BUT I just can't seem to decrypt the data.

Below is the script I have used based on code found on the web:

RESULT=''
ALGORITHM="rc2-cbc"                     ; * 128 bit rc2 algorithm in CBC mode 
MYKEY="23232323" ; * HEX - Actual Key 
IV=   "12121212"               ; * HEX - Initialization Vector 


DATALOC=1                           ; * Data in String 
KEYLOC=1                            ; * Key in String 
ACTION=5                            ; * Base64 encode after encryption 
KEYACTION=1                         ; * KEY_ACTUAL_OPENSSL 
SALT=''                             ; * SALT not used 
RESULTLOC=1                         ; * Result in String RESULT 
OPSTRING = ''

RETURN.CODE=ENCRYPT(ALGORITHM,ACTION,DATASTRING,DATALOC,MYKEY,KEYLOC,KEYACTION,SALT,IV,OPSTRING,RESULTLOC)
RETURN.CODE = OPSTRING

Below are a few data strings I have processed through this script and the resulting string:

INPUT 05KI OUTPUT iaYoHzxYlmM=

INPUT 05FOAA OUTPUT e0XB/jyE9ZM=

When I try to decode and decrypt the resulting OUTPUT with an online decrypter, I still get no results: https://www.tools4noobs.com/online_tools/decrypt/

I'm thinking it might be a character encoding issue or perhaps the encryption is not working but I have no idea how to resolve - we have been working on this for a few weeks and cannot get any data that is decryptable...

All setups and fields have been set based on this: https://www.dropbox.com/s/ban1zntdy0q27z3/Encrypt%20Function.pdf?dl=0

php-b-grader
  • 3,191
  • 11
  • 42
  • 53
  • There's no technical explanation of the problem here. I suggest post your PHP script and "anything". Do you get a blank string? Or a string with rubbish in it? – Nick.Mc Jan 14 '19 at 01:47
  • the "PHP script" is in the URL in the text: https://www.tools4noobs.com/online_tools/decrypt/ – php-b-grader Jan 14 '19 at 03:03
  • When I encrypt using that web sites associated encryption tool I get a different result so I guess your Universe encryption algorithm is not functioning. For 05KI I get something that starts with `Ktx`. The output you posted appears to be Base64 encoded. – Nick.Mc Jan 14 '19 at 03:11
  • With 9 or ten input parameters to your Universe function, you might find a minor tweak to one of them fixes it. I would certainly recommend doing this activity _outside_ universe if possible, if it is acceptable to extract the data unencrypted to disk first. – Nick.Mc Jan 14 '19 at 03:14
  • It is base64 encoded - see: ACTION=5 ; * Base64 encode after encryption. Doing it outside of universe is basically not achievable for a number of reasons – php-b-grader Jan 14 '19 at 03:33
  • It is base64 encoded - see: ACTION=5 ; * Base64 encode after encryption. Doing it outside of universe is basically not achievable for a number of reasons. I guess you have confirmed my suspicions -that the data coming out rc2-cbc encrypted and base64 encoded is not what is expected. – php-b-grader Jan 14 '19 at 03:39
  • You probably need a Universe expert at this stage. – Nick.Mc Jan 14 '19 at 04:22
  • @php-b-grader out of curiosity what version of universe are you running? If you are not sure you can run "CT VOC RELLEVEL" at TCL. Also are you actually inputting your key and vector as HEX? If so you will likely need to convert them from HEX to binary before passing them as inputs to ENCRYPT otherwise the decryption key will likely not match. Also as you mentioned your settings will return base64 encoded results. So you will need to decode before decrypting. – Austin S. Jan 14 '19 at 23:04
  • Missed the edit window but was looking for this link to share: https://u2devzone.rocketsoftware.com/accelerate/articles/data-encryption/data-encryption.html for an example, or the UV Basic Documentation which you can find here: https://www.rocketsoftware.com/products/rocket-u2/universe-v11.3.1 – Austin S. Jan 14 '19 at 23:11
  • @AustinS. The key is actually text in the code (as can be seen above) MYKEY="23232323" ; * HEX - Actual Key ; IV= "12121212" ; * HEX - Initialization Vector ; based on your comments, i'm going to assume nothing in that script is converting to hex (however that is done) ... the link you provided is what we used initially BUT the doc I included has additional ACTIONS not included here so we have used the updated doc. Docs say: KEY: Either the actual key or pass phrase, or the name of a file containing the key or pass phrase – php-b-grader Jan 15 '19 at 05:58

1 Answers1

1

If I feed the base-64 encrypted string from your code back into the Unidata DECRYPYT function with the same parameters it decrypts just fine.

I suspect something funny is happening with the key. This page mentions something like that: https://u2devzone.rocketsoftware.com/accelerate/articles/data-encryption/data-encryption.html "Generating a suitable key is one of the thornier problems associated with encryption. Keys should be generated as random binary strings, making them obviously difficult to remember. Accordingly, it is probably more common for applications to supply a pass phrase to the ENCRYPT function and have the function internally generate the actual encryption key."

One option to remove the Universe ENCRYPT function from the picture is to use openSSL directly. It looks like the ENCRYPT/DECRYPT functions are just thin wrappers around the openSSL library, so you can execute that to get the result. I'm having problems with the php page you're using for verification, but if I feed the base-64 encrypted string to an openSSL decrypt command on a different machine, it decrypts fine.

MYKEY="A long secret key"
DATASTRING="data to be encrypted data here"
EXECUTE '!echo "':DATASTRING:'"| openssl enc -base64 -e -rc2-cbc -nosalt -k "':MYKEY:'"' CAPTURING RESULT
Ian McGowan
  • 3,461
  • 3
  • 18
  • 23