Encryption (2024)

Table of Contents
Overview Encryption Types How to Encrypt an Existing File How to set Default Encryption on a Sun Intel or Solaris Platform Passwords Notes

Overview

BBj 4.0 and higher and PRO/5 PRO/5 and Visual PRO/5 5.0 and higher utilize the 128-bit AES (Advanced Encryption Standard) encryption. Version 6.0 and higher of BBj, Visual PRO/5, and PRO/5 offer 256-bit AES encryption. AES is the National Institute of Standards and Technology (NIST) secret key cryptography method that officially replaced the Triple DES method in 2001 as the industry standard. AES is fast and efficient in operation while also permitting a very high degree of cryptographic security.

Encryption Types

CRYPTPASS= mode

Used with the file creation verbs and OPEN verbs to create and access encrypted MKEYED files

DECRYPT()

Decrypts data and record fields.

ENCRYPT()

Encrypts data and record fields.

PASSWD= mode

Password protects records in an MKEYED file from unauthorized reads and writes. It does not encrypt the data.

How to Encrypt an Existing File

To encrypt an existing file, write a short program to perform the following:

  1. Open the existing file.

  2. Create a new encrypted version of the old file using the MKEYED verb, FID() function, and CRYPTPASS= mode.

  3. Iterate through the existing file reading the records from that file.

  4. Write the records to the new encrypted file.

How to set Default Encryption on a Sun Intel or Solaris Platform

In BBj revisions prior to 19.0, the security providers that Java supplies by default are not compatible with the default encryption that BASIS uses, which in turn affects both BBj Solaris and Sun-Intel ports.

To remedy this, first make changes to the java.security file located in ..<jdk_home>/JRE/lib/security/security.policy file. Use root permissions and give the file write permissions temporarily.

By default, the list of security providers will look like this:

security.provider.1=com.oracle.security.ucrypto.UcryptoProvider ${java.home}/lib/security/ucrypto-solaris.cfg

security.provider.2=sun.security.pkcs11.SunPKCS11 ${java.home}/lib/security/sunpkcs11-solaris.cfg

security.provider.3=sun.security.provider.Sun

security.provider.4=sun.security.rsa.SunRsaSign

security.provider.5=sun.security.ec.SunEC

security.provider.6=com.sun.net.ssl.internal.ssl.Provider

security.provider.7=com.sun.crypto.provider.SunJCE

security.provider.8=sun.security.jgss.SunProvider

security.provider.9=com.sun.security.sasl.Provider

security.provider.10=org.jcp.xml.dsig.internal.dom.XMLDSigRI

security.provider.11=sun.security.smartcardio.SunPCSC

The default encryption depends on Sun and SunEC security providers. The list needs to be reordered by moving the first two entries to the last positions:

security.provider.1=sun.security.provider.Sun

security.provider.2=sun.security.rsa.SunRsaSign

security.provider.3=sun.security.ec.SunEC

security.provider.4=com.sun.net.ssl.internal.ssl.Provider

security.provider.5=com.sun.crypto.provider.SunJCE

security.provider.6=sun.security.jgss.SunProvider

security.provider.7=com.sun.security.sasl.Provider

security.provider.8=org.jcp.xml.dsig.internal.dom.XMLDSigRI

security.provider.9=sun.security.smartcardio.SunPCSC

security.provider.10=com.oracle.security.ucrypto.UcryptoProvider ${java.home}/lib/security/ucrypto-solaris.cfg

security.provider.11=sun.security.pkcs11.SunPKCS11 ${java.home}/lib/security/sunpkcs11-solaris.cfg

Once complete, change the file permissions back to --r--r--r and restart BBjServices.

The default encryption should now work properly.

Passwords

Use passwords with caution. If the password is lost or forgotten the encrypted data cannot be recovered. Furthermore, there is absolutely no way to retrieve or derive a lost password.

To receive the full benefit of using AES-256 instead of AES-128, the password must be a minimum length of 17 characters. BASIS, however, recommends a password of 40 characters.

Notes

  • Field-level encryption on keyed fields prevents the filesystem from iterating through the records on the encrypted keychain. However, exact match finds are still possible.

  • JKEYED files (Deprecated) do not currently support file-level encryption.

  • The ENCRYPT() and DECRYPT() functions take strings as parameters; convert all numerics to a string before encrypting it.

  • Some encrypted data is longer than the decrypted version of the data, depending on the encryption algorithm used. For example, encrypting an 18-byte string using AES 128 bit encryption will result in a 32-byte string. This occurrence of longer encrypted data can have an impact on field definitions in files and in string templates. BASIS recommends working with two templates - one for the decrypted version and one for the encrypted version that accommodates for the extra field length.

  • To utilize AES-256 in BBj, the "Java Cryptography Extension (JCE)" module must be installed. These files are available for download at Oracle's Java SE Downloads page under "Additional Resources" near the bottom of the page.

Encryption (2024)
Top Articles
Ease of use
Cast-to-Guest Pin Trading Returns at Walt Disney World  - Disney Parks Blog
Top 11 Best Bloxburg House Ideas in Roblox - NeuralGamer
Bleak Faith: Forsaken – im Test (PS5)
Unit 30 Quiz: Idioms And Pronunciation
Food King El Paso Ads
Time in Baltimore, Maryland, United States now
Nco Leadership Center Of Excellence
Alan Miller Jewelers Oregon Ohio
Chelsea player who left on a free is now worth more than Palmer & Caicedo
Hk Jockey Club Result
Samsung 9C8
Chuckwagon racing 101: why it's OK to ask what a wheeler is | CBC News
Draconic Treatise On Mining
Bernie Platt, former Cherry Hill mayor and funeral home magnate, has died at 90
Craigslist Greenville Craigslist
DIN 41612 - FCI - PDF Catalogs | Technical Documentation
4302024447
What to do if your rotary tiller won't start – Oleomac
Miss America Voy Forum
7 Low-Carb Foods That Fill You Up - Keto Tips
Raleigh Craigs List
Gdp E124
The Pretty Kitty Tanglewood
Traveling Merchants Tack Diablo 4
Faurot Field Virtual Seating Chart
Icivics The Electoral Process Answer Key
Tu Pulga Online Utah
Jc Green Obits
Mybiglots Net Associates
Penn State Service Management
Viduthalai Movie Download
Kuttymovies. Com
Gyeon Jahee
The Best Restaurants in Dublin - The MICHELIN Guide
3496 W Little League Dr San Bernardino Ca 92407
Trizzle Aarp
Google Flights Orlando
Riverton Wyoming Craigslist
More News, Rumors and Opinions Tuesday PM 7-9-2024 — Dinar Recaps
Best Restaurants West Bend
Arcane Bloodline Pathfinder
Sig Mlok Bayonet Mount
Haunted Mansion (2023) | Rotten Tomatoes
Value Village Silver Spring Photos
Canonnier Beachcomber Golf Resort & Spa (Pointe aux Canonniers): Alle Infos zum Hotel
Joy Taylor Nip Slip
Kushfly Promo Code
Mit diesen geheimen Codes verständigen sich Crew-Mitglieder
The Ultimate Guide To 5 Movierulz. Com: Exploring The World Of Online Movies
Yoshidakins
Latest Posts
How to AutoFit in Excel: adjust columns and rows to match data size
The 5 Worst Places to Hide a Key
Article information

Author: Golda Nolan II

Last Updated:

Views: 5573

Rating: 4.8 / 5 (58 voted)

Reviews: 89% of readers found this page helpful

Author information

Name: Golda Nolan II

Birthday: 1998-05-14

Address: Suite 369 9754 Roberts Pines, West Benitaburgh, NM 69180-7958

Phone: +522993866487

Job: Sales Executive

Hobby: Worldbuilding, Shopping, Quilting, Cooking, Homebrewing, Leather crafting, Pet

Introduction: My name is Golda Nolan II, I am a thoughtful, clever, cute, jolly, brave, powerful, splendid person who loves writing and wants to share my knowledge and understanding with you.