[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Using ftpapi to send encrypting file
Mike
thank for your answer. I was not very exact when I post the example of
command. I cut some comment that I believed not necessary but now I think
that I did a mistake. The comments that I cut told that the field "Fiscal
code" had to be encrypted as the whole file cf.txt that contains only a
field = Fiscal code. The real file that I have to send so contains 5
fields not encpypted and the last field (fiscal Code) encrypted. Thanks for
the link for Scott's description about calling qp2shell.
I haven't to use a encrypt FTP session
best regards
Mario
-----Messaggio originale-----
From: Mike Krebs
Sent: Tuesday, October 18, 2011 6:11 PM
To: HTTPAPI and FTPAPI Projects
Subject: RE: Using ftpapi to send encrypting file
You are not encrypting a "field" in a file with that openssl command. The
whole file CF.TXT is being encrypted.
OPENSSL appears to be part of 5733-SC1 (OpenSSH, OpenSSL, zlib) Option 1 for
IBM i V5R4, V6R1 or V7R1. Once that is installed, seems like you could run
this process on the IBMi. It runs from PASE so you could use the program
qp2shell to run the command. Scott described it here:
http://forums.systeminetwork.com/isnetforums/showthread.php?t=46752 and of
course you can find information on this in the infocenter as well.
As Scott said, once you have the encrypted file, you can send using a binary
transfer using regular FTP. If you want to encrypt the FTP session, you will
have to see what options you have on the other end, but SSL will work for
that. Or check out this article for sFTP
http://www.ibmsystemsmag.com/ibmi/administrator/systemsmanagement/sFTP-Tips/
So, yes, you could automate from RPG. Good luck.
-----Original Message-----
From: ftpapi-bounces@xxxxxxxxxxxxxxxxxxxxxx
[mailto:ftpapi-bounces@xxxxxxxxxxxxxxxxxxxxxx] On Behalf Of Mario
Martoriello
Sent: Tuesday, October 18, 2011 6:04 AM
To: HTTPAPI and FTPAPI Projects
Subject: Re: Using ftpapi to send encrypting file
Hi Scott
thank you for your answer. Yes I have to send a file in which only a field
(fiscal code) is encrypted. The required standard for encryption is the
following,I translate it from Italian law: "with public key RSA which is in
a digital certificate X.509 with padding PKCS#1 v 1.5. and the encryption
must be the same if you use the command : openssl rsautl –encrypt –in
CF.txt –out CF.enc –inkey MEF.cer –certin –pkcs where MEF.cer is the
certificate with the RSA key." Now to do this I have to create the file on
system i, download it to pc, run a VB program that I wrote to do the
encryption and then I have to send by FTP the result file. As I would like
to automate the whole process on system i I'm wondering if it is possible to
call openssl from rpg program o another way to encrypt the field from rpg
program, and then by FTPAPI send the file.
best regards
Mario
-----Messaggio originale-----
From: Scott Klement
Sent: Tuesday, October 18, 2011 5:29 AM
To: ftpapi@xxxxxxxxxxxxxxxxxxxxxx
Subject: Re: Using ftpapi to send encrypting file
Hi Mario,
FTPAPI can send an encrypted file -- as long as you send it in BINARY
mode. You never want to run character set translation (ASCII/EBCDIC) on
encrypted data.
I don't understand the part about encrypting fields with OpenSSL. Do you
really want to encrypt just certain fields, and not the whole file?
I've never tried to do that, and I'm not sure exactly what the pitfalls
and gotchas might be.
On 10/17/2011 12:15 PM, Mario Martoriello wrote:
>
> Hi all
> I used the FTPAPI for several project and it's work fine. Now I have
> to send and encrypting file. The question is the file I have to
> encrypt by OPENSSL and not all the fields are encrypted . I read some
> Scott's article in which he explains how to call OPENSSL to encrypt a
> file but the question is : Is possible to call OPENSSL from a RPG
> program to encrypt the necessary fields and then call ftpapi to send
> the file ?
> ANY help would be valued .
>
> Mario
> best regards
-----------------------------------------------------------------------
This is the FTPAPI mailing list. To unsubscribe, please go to:
http://www.scottklement.com/mailman/listinfo/ftpapi
-----------------------------------------------------------------------
-----------------------------------------------------------------------
This is the FTPAPI mailing list. To unsubscribe, please go to:
http://www.scottklement.com/mailman/listinfo/ftpapi
-----------------------------------------------------------------------
-----------------------------------------------------------------------
This is the FTPAPI mailing list. To unsubscribe, please go to:
http://www.scottklement.com/mailman/listinfo/ftpapi
-----------------------------------------------------------------------
-----------------------------------------------------------------------
This is the FTPAPI mailing list. To unsubscribe, please go to:
http://www.scottklement.com/mailman/listinfo/ftpapi
-----------------------------------------------------------------------