[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Using ftpapi to send encrypting file

From: Mario Martoriello <martoriello@xxxxxxxxxxxxxxx>
To: HTTPAPI and FTPAPI Projects <ftpapi@xxxxxxxxxxxxxxxxxxxxxx>
Subject: Re: Using ftpapi to send encrypting file
Date: Tue, 18 Oct 2011 19:14:28 +0200

Mike
thank for your answer. I was not very exact when I post the example of 
command. I cut  some comment that I believed not necessary but now I think 
that I did a mistake.  The comments that I cut  told that the field "Fiscal 
code" had to be encrypted as the whole file cf.txt that contains only a 
field = Fiscal code.  The real file that I have to send  so contains 5 
fields not encpypted and the last field (fiscal Code) encrypted. Thanks for 
the link for Scott's description about calling qp2shell.
I haven't to use a encrypt FTP session
best regards
Mario
-----Messaggio originale----- 
From: Mike Krebs
Sent: Tuesday, October 18, 2011 6:11 PM
To: HTTPAPI and FTPAPI Projects
Subject: RE: Using ftpapi to send encrypting file

You are not encrypting a "field" in a file with that openssl command. The 
whole file CF.TXT is being encrypted.

OPENSSL appears to be part of 5733-SC1 (OpenSSH, OpenSSL, zlib) Option 1 for 
IBM i V5R4, V6R1 or V7R1. Once that is installed, seems like you could run 
this process on the IBMi. It runs from PASE so you could use the program 
qp2shell to run the command. Scott described it here: 
http://forums.systeminetwork.com/isnetforums/showthread.php?t=46752 and of 
course you can find information on this in the infocenter as well.

As Scott said, once you have the encrypted file, you can send using a binary 
transfer using regular FTP. If you want to encrypt the FTP session, you will 
have to see what options you have on the other end, but SSL will work for 
that. Or check out this article for sFTP 
http://www.ibmsystemsmag.com/ibmi/administrator/systemsmanagement/sFTP-Tips/

So, yes, you could automate from RPG. Good luck.

-----Original Message-----
From: ftpapi-bounces@xxxxxxxxxxxxxxxxxxxxxx 
[mailto:ftpapi-bounces@xxxxxxxxxxxxxxxxxxxxxx] On Behalf Of Mario 
Martoriello
Sent: Tuesday, October 18, 2011 6:04 AM
To: HTTPAPI and FTPAPI Projects
Subject: Re: Using ftpapi to send encrypting file

Hi Scott
thank you for your answer. Yes I have to send a file in which only a field
(fiscal code)  is encrypted. The required standard for encryption is the
following,I translate it from Italian law: "with public key RSA which is in
a digital certificate X.509 with padding PKCS#1 v 1.5. and the encryption
must be the same if you use the command : openssl rsautl –encrypt –in
CF.txt –out CF.enc –inkey MEF.cer –certin –pkcs  where MEF.cer is the
certificate with the RSA key."  Now to do this I have to create the file on
system i, download it to pc, run a VB program  that I wrote to do the
encryption  and then I have to send by FTP the result file. As I would like
to automate the whole process on system i I'm wondering if it is possible to
call openssl from rpg program o another way to encrypt the field from rpg
program, and then by FTPAPI send the file.
best regards
Mario

-----Messaggio originale----- 
From: Scott Klement
Sent: Tuesday, October 18, 2011 5:29 AM
To: ftpapi@xxxxxxxxxxxxxxxxxxxxxx
Subject: Re: Using ftpapi to send encrypting file

Hi Mario,

FTPAPI can send an encrypted file -- as long as you send it in BINARY
mode.  You never want to run character set translation (ASCII/EBCDIC) on
encrypted data.

I don't understand the part about encrypting fields with OpenSSL. Do you
really want to encrypt just certain fields, and not the whole file?
I've never tried to do that, and I'm not sure exactly what the pitfalls
and gotchas might be.

On 10/17/2011 12:15 PM, Mario Martoriello wrote:
>
>     Hi all
>     I used the FTPAPI for several project and it's work fine. Now I have
>     to send and encrypting file. The question is the file I have to
>     encrypt by OPENSSL and not all the fields are encrypted . I read some
>     Scott's article in which he explains how to call OPENSSL to encrypt a
>     file but the question is : Is possible to call OPENSSL from a RPG
>     program  to encrypt the necessary fields and then call ftpapi to send
>     the file ?
>     ANY help would be valued .
>
>     Mario
>     best regards
-----------------------------------------------------------------------
This is the FTPAPI mailing list.  To unsubscribe, please go to:
http://www.scottklement.com/mailman/listinfo/ftpapi
----------------------------------------------------------------------- 

-----------------------------------------------------------------------
This is the FTPAPI mailing list.  To unsubscribe, please go to:
http://www.scottklement.com/mailman/listinfo/ftpapi
-----------------------------------------------------------------------
-----------------------------------------------------------------------
This is the FTPAPI mailing list.  To unsubscribe, please go to:
http://www.scottklement.com/mailman/listinfo/ftpapi
----------------------------------------------------------------------- 

-----------------------------------------------------------------------
This is the FTPAPI mailing list.  To unsubscribe, please go to:
http://www.scottklement.com/mailman/listinfo/ftpapi
-----------------------------------------------------------------------

References:
- Using ftpapi to send encrypting file
  - From: Mario Martoriello
- Re: Using ftpapi to send encrypting file
  - From: Scott Klement
- Re: Using ftpapi to send encrypting file
  - From: Mario Martoriello
- RE: Using ftpapi to send encrypting file
  - From: Mike Krebs

Prev by Date: RE: Using ftpapi to send encrypting file
Next by Date: Re: logs in web service
Previous by thread: RE: Using ftpapi to send encrypting file
Next by thread: logs in web service
Index(es):
- Date
- Thread