- Products
- Solutions
- Resources
- Trials
- Support
- Partners
- Communities
Hi all,
On production I have the ONE IDM encrypted in this way all internal passwords and connections are not show.
I have a parameter that contains a password. I encrypted the parameter and the original value now is not visible.
I need to take the parameter value on a custom script for a connection string.
I search on site, and I find the statements to descrypt the value. I wrote a function:
Public Function CCC_Get_DecryptedValue(ByVal EncryptedString As String) As String
Dim DecryptVal As String
Dim decrypter As VI.Projector.Security.DatabaseEncryption = New VI.Projector.Security.DatabaseEncryption(Connection.Session)
' decryption using the Projector method
DecryptVal = decrypter.Decrypt(EncryptedString)
Return DecryptVal
End Function
The function return the value encrypted and if I check the encrypted string using
Dim check As Boolean = decrypter.IsEncryptedValue(EncryptedString)
The check is false....
Could you tell me what I wrong ?
Thank you very much and best regards
Ermes
The code you posted does work for sync variables only.
I suggest decrypting the string with the Session.Decrypt() method.
' Caution: This only work if the script is running in the Job Service. DecryptVal…
As I've said before.
The code you posted does work for sync variables only.
I suggest decrypting the string with the Session.Decrypt() method.
Two things. First, where are you testing this? Only when the script is running in the Job Service, it is able to decrypt the strings. Second, where does the value come from that you are trying to decrypt (Sync Variable, Configuration Parameter, etc.)?
Hi Markus,
To discover whats happen I write a log before and after the decrypt:
I executed again the script and the log is:
8/8/2018 1:34:01 PM -
8/8/2018 1:34:01 PM - CCC_UNSAccountB_CRM_SyncAccount - Check For Password Encryption = Call Decrypt function
8/8/2018 1:34:01 PM - CCC_UNSAccountB_CRM_SyncAccount - Encrypted value (Parameter) = [C]AGvg53ws/oFNoQTBIJfYETEL4e6chFQYKaB7CZ+OQMTLInCeomrA/myjMBwidtze4mlzvoLE4rr2Q2RrnJeXK+L7Co1pEbHqJUSc1SUMbV2cGfStxY2e4g5RoLHrWO+UZPlYdubQdmZHpeUF5yaLtDKhhYCSuI5midDPxXovVMS4GRivgZ4uNoc6y1HnXHLI5cWX79Egl7JbVRrnnvlU9a+SY2etqm9dCWTblTuGcyPGAn8SoU4SH3/Ko93p+zpBN03HF2GJlS5UsTEXuUOAYF5BOwrQX9RGHAW4W8eUca1bx7BrsHmvQwS+1BIneIPWAN8KrCMf5dGU6Vyu7L9tEYzaslL30sYo2cBFA7+uu5J+L5vz9Ay+hY4w2kCRUxn4q0UWS4dOCWxWk8MG/dNgAZN3hq2zsv3OgpX2O85bFEgW62AinVdMlT2j90I0Fl/WkaVXlPpS6nOOg9JPUDxaIUMsyzwceDqFbcag9o2x2W+tJ0fEkJGy1rVBmw56bBawSxjab02015XWhD0BVor92dOiaOH186RuP2QPZXrX8dRVhc9YpusVhdo5JByLNzoU86QHdhQEqbKjLHx8M7hSi9E=[C]
8/8/2018 1:34:01 PM - CCC_UNSAccountB_CRM_SyncAccount - Descrypted Value (after Decryption Function) = [C]AGvg53ws/oFNoQTBIJfYETEL4e6chFQYKaB7CZ+OQMTLInCeomrA/myjMBwidtze4mlzvoLE4rr2Q2RrnJeXK+L7Co1pEbHqJUSc1SUMbV2cGfStxY2e4g5RoLHrWO+UZPlYdubQdmZHpeUF5yaLtDKhhYCSuI5midDPxXovVMS4GRivgZ4uNoc6y1HnXHLI5cWX79Egl7JbVRrnnvlU9a+SY2etqm9dCWTblTuGcyPGAn8SoU4SH3/Ko93p+zpBN03HF2GJlS5UsTEXuUOAYF5BOwrQX9RGHAW4W8eUca1bx7BrsHmvQwS+1BIneIPWAN8KrCMf5dGU6Vyu7L9tEYzaslL30sYo2cBFA7+uu5J+L5vz9Ay+hY4w2kCRUxn4q0UWS4dOCWxWk8MG/dNgAZN3hq2zsv3OgpX2O85bFEgW62AinVdMlT2j90I0Fl/WkaVXlPpS6nOOg9JPUDxaIUMsyzwceDqFbcag9o2x2W+tJ0fEkJGy1rVBmw56bBawSxjab02015XWhD0BVor92dOiaOH186RuP2QPZXrX8dRVhc9YpusVhdo5JByLNzoU86QHdhQEqbKjLHx8M7hSi9E=[C]
8/8/2018 1:34:01 PM -
As you can see the decrypt return the same value
Thanks for your help.
Best regards
Ermes
The encrypted value is a config parameter
Another question, what version are you using?
The code you posted does work for sync variables only.
I suggest decrypting the string with the Session.Decrypt() method.
' Caution: This only work if the script is running in the Job Service. DecryptVal = Session.Decrypt(EncryptedString)
Again, this will only decrypt the value if the script is executed by the Job Service!
Hi Markus,
I confirm you that the script is executed by the job service.
I display the fields value on a file to be sure that they have the correct values.
But as you can see the result is not correct.
These my steps to encrypt the config parameter:
1. I put the clear value
2. I select the "Encrypt" flag
3. The value disapperar and it becames "****"
I executed the script from Designer - Process automation (this script is scheduled)
Thanks
Ermes
Is your Job Service configured with the private.key so that he is able to decrypt stuff?
Do you use my code snippet or yours?
Hi Markus,
Obviously, the Job Service start using the private key generated from the DB encryption steps.
Without the private key the job service cannot start.
The code used as I wrote before is my function:
Public Function CCC_Get_DecryptedValue(ByVal EncryptedString As String) As String
Dim DecryptVal As String
Dim decrypter As VI.Projector.Security.DatabaseEncryption = New VI.Projector.Security.DatabaseEncryption(Connection.Session)
' decryption using the Projector method
DecryptVal = decrypter.Decrypt(EncryptedString)
Return DecryptVal
End Function
I deleted from your function the "Encryption" part because I don't need it.
As I've said before.
The code you posted does work for sync variables only.
I suggest decrypting the string with the Session.Decrypt() method.
Hi Markus,
Using Session.Decrypt() method the script works fine.
Now the parameter is descrypted correctly.
Thank you very much and best regards
Ermes