Re: _cipher API vs Qc3Encrypt/Qc3DecryptData vs SQL -- RPG400-L

Mark,

No, it would not defeat the purpose of the encryption at all. Since it's a trigger I would have the option of adding my application logic to allow only those authorized.

Also, if the tape containing the DB file disappears, the raw data is still encrypted.

It would be a *vast* improvement over what we have now. Currently, the file format must change. Therefore, in some way, the application must change. A read trigger would allow me to keep the same file format by separating the encrypted field(s) into another file and the trigger would decrypt the data if allowed and would map the decrypted data (or even some error text!) back to the triggering program's input buffer. The original application need have no knowledge that anything different happened since encryption was implemented.

I don't really understand why IBM imposed this limitation.

-mark

At 3/26/08 09:56 AM, you wrote:

But that would totally defeat the purpose of encrypting the data in
certain fields, wouldn't it? Once such a "read trigger" was in place, if
it could decrypt the data and return that data in the buffer, then any
program that accesses (reads) the file (even DSPPFM, etc.) would then
see the unencrypted data! :-o

> M. Lazarus wrote:
> Bruce,
>
> Are there any plans that you know of to allow changing a read
> trigger buffer? This limitation is a *major* barrier to retrofitting
> encryption onto existing databases.
>
> -mark

This mailing list archive is Copyright 1997-2025 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.