Hey Joe - Here is some code I ran in Netbeans without error in order to test the DES encryption to find the length of the ciphered text. I added a few lines of code to show you the encrypted value and it's length the rest I can't/won't take credit for. You can build workflow to run the java code and set a field in your form to the value returned by the length method in the code. Catch the return and use it to do the set fields. The code is as follows: /* * To change this template, choose Tools | Templates * and open the template in the editor. */package mik.test.snippet; /** * * @author mlatham */import java.security.InvalidKeyException;import java.security.NoSuchAlgorithmException; import javax.crypto.Cipher;import javax.crypto.KeyGenerator;import javax.crypto.NoSuchPaddingException;import javax.crypto.SecretKey; import com.sun.xml.internal.messaging.saaj.packaging.mime.util.BASE64DecoderStream;import com.sun.xml.internal.messaging.saaj.packaging.mime.util.BASE64EncoderStream; public class EncryptDecryptStringWithDES { private static Cipher ecipher; private static Cipher dcipher; private static SecretKey key; public static void main(String[] args) { try { // generate secret key using DES algorithm key = KeyGenerator.getInstance("DES").generateKey(); ecipher = Cipher.getInstance("DES"); dcipher = Cipher.getInstance("DES"); // initialize the ciphers with the given key ecipher.init(Cipher.ENCRYPT_MODE, key); dcipher.init(Cipher.DECRYPT_MODE, key); String encrypted = encrypt("This is a highly classified message!"); String decrypted = decrypt(encrypted); int length = encrypted.length(); System.out.println("Encryted:" + encrypted); System.out.println("Decrypted: " + decrypted); System.out.println("The length of the encrypted string is: " + length); } catch (NoSuchAlgorithmException e) { System.out.println("No Such Algorithm:" + e.getMessage()); return; } catch (NoSuchPaddingException e) { System.out.println("No Such Padding:" + e.getMessage()); return; } catch (InvalidKeyException e) { System.out.println("Invalid Key:" + e.getMessage()); return; } } public static String encrypt(String str) { try { // encode the string into a sequence of bytes using the named charset // storing the result into a new byte array. byte[] utf8 = str.getBytes("UTF8"); byte[] enc = ecipher.doFinal(utf8); // encode to base64 enc = BASE64EncoderStream.encode(enc); return new String(enc); } catch (Exception e) { } return null; } public static String decrypt(String str) { try { // decode with base64 to get bytes byte[] dec = BASE64DecoderStream.decode(str.getBytes()); byte[] utf8 = dcipher.doFinal(dec); // create new string based on the specified charset return new String(utf8, "UTF8"); } catch (Exception e) { } return null; } } END OF CODE From: mlatha...@hotmail.com To: arslist@arslist.org Subject: RE: Working with ENCRYPT() function... Date: Mon, 23 Apr 2012 14:32:13 -0400
In general - a character in the English language is represented by 1 byte for ASCII and 2 bytes per character for Unicode. A lot of encoding in the various languages is done using Unicode. So 1 Byte contains 8-16 bits depending on whether it is ASCII or Unicode. Excuse me for a moment, I need to get caught up on what you are currently doing or what your actual issue is. You take a value which you input yourself and use the ENCRYPT function to cipher that value? You then want to get the length of the encrypted value? Date: Mon, 23 Apr 2012 11:17:02 -0400 From: jdso...@shyle.net Subject: Re: Working with ENCRYPT() function... To: arslist@ARSLIST.ORG ** Good to hear from you too Michael.. I’m back in the downtown area these days – haven’t worked in this area since we last worked together at Nomura about 7 years ago. Time flies eh? I’m about 2 or 3 blocks away from there and even intend to take lunch at some of those restaurants from that area when the weather gets a little more forgiving.. I’m still into Remedy work a bit of consulting and some developing. I kind of miss some of the older work we used to get that involved more development than customization. I had stayed away from ITSM kind of projects for the longest time, until I realized that if I kept staying away from it, I might soon have to start looking at an alternative solution to work with. I've had very brief opportunities to work with some complimentary products, but stayed with the mainstream Remedy products mostly. As you may have figured out from some of my recent posts, I am currently working on an integration effort between Remedy and OIM (Oracle Identity Management) using their SPML (web services). I had a sticky pitch for a while, but it turned out it was because of some configuration settings from the OIM side. They (OIM admins) still haven’t figured out what that discrepancy might be but I’ve asked them to investigate the difference between a now working instance and the older non working one. This I figure would be useful information to have later while building the other production and training environments at this site.. Anyways getting back on topic, I’m yet to determine what length I may need to hold my encrypted string that holds the OIM configuration password... I have currently set it to 120 and for now will resort to the good old trial and error method, in the absence of the exact formula to use to determine it. OIM allows passwords of no more than length 8 and I have noticed that using an encryption key of length 38, a GUID, returns outputs of length averaging in between 75 to 80.. So I created a field of length 120 to store that, hoping it would not cross that value. Cheers Joe From: Michael Latham Sent: Monday, April 23, 2012 9:48 AM Newsgroups: public.remedy.arsystem.general To: arslist@ARSLIST.ORG Subject: Re: Working with ENCRYPT() function... ** I have been good Joe. Just doing the usual Remedy consultant thing. And you? I see you are an arslist superstar by looking at your post history. Cool that you stay involved with the community so much. I wish I had the time! Take care man and stay in touch! Mike Date: Fri, 20 Apr 2012 18:06:38 -0400 From: jdso...@shyle.net Subject: Re: Working with ENCRYPT() function... To: arslist@ARSLIST.ORG ** Yes I was interested in the character count as if I encrypted the input, I’d need to consider enough room for storage. I was tempted to build a 254 character field to store it, but then curiosity got the better of me and I wanted to know if there was an algorithm to calculate the expected length of the encrypted text.. Yes I do remember you from Nomura. How have you been. Thank you for the info.. something that I can digest over the weekend.. Joe From: Michael Latham Sent: Friday, April 20, 2012 5:47 PM Newsgroups: public.remedy.arsystem.general To: arslist@ARSLIST.ORG Subject: Re: Working with ENCRYPT() function... ** Hey Joe - How have things been since Nomura - if you remember me from that project and you are in fact the same Joe De'Souza. To move along, encryption algorithms vary. If I am not mistaken Remedy ARS uses DES block-cipher encryption in the ENCRYPT function. DES in and of itself is symmetric from an algorithm standpoint. It uses one 64-bit key to encrypt a block of plaintext that is 64-bits into ciphered text. It has one parity bit for each byte of the provided key which generates a key strength which is only 56-bits. Per BMC Documentation: "The output is limited to the size of the field used for output, including the base-64 encoding. Therefore, you are limited to encrypting a string that is 3/4 the size of the output field." Using the passphrase method as a way to generate the encrypted text is achieved using, most probably, a key derivation and salt combination. In order to decrypt ciphered text you would need to "code" an external DES ciphering utility in your language of choice that would encrypt the plain text based on the key provided or decrypt the ciphered text using the key provided. As long as you have the key you can go back and forth with the encryption/decryption. By the way, why do you need to know the length of the output string? I am assuming when you say length you mean character count or something similar. Mike Date: Fri, 20 Apr 2012 13:48:37 -0400 From: jdso...@shyle.net Subject: Working with ENCRYPT() function... To: arslist@ARSLIST.ORG ** Is there a known algorithm to calculate the length of the output results of ENCRYPT based on the length of the input string and the encryption key parameters? I vaguely remember that the length is 120. Or is that only the length of the encrypted value in Field 123? Also how would one decrypt the contents of Field 123 if that is used for storing a password that is used for authenticating into an external app or wsdl? Joe _attend WWRUG12 www.wwrug.com ARSlist: "Where the Answers Are"_ _______________________________________________________________________________ UNSUBSCRIBE or access ARSlist Archives at www.arslist.org attend wwrug12 www.wwrug12.com ARSList: "Where the Answers Are"