I am using symmetrickeyencryptiondecryption tactical assertion for AES/CBC/PKCS5 encryption. For decryption, I need to have IV value; however not getting way to read iv value used while encryption.
Please help to get the variable name, which stores IV value.
Good afternoon. This enhancement of an additional optional field, labelled IV, is to allow deciphering of cipher data using AES/CBC that doesn't contain the IV used to create the cipher data to start with. (eg: openSSL) This field is only available and used when data is being deciphered with AES/CBC cipher. If the data does contain an IV within it's cipher data, this field must be left blank.
The IV can be an explicit value or a context variable containing the IV. Either way, the value must be a binary base64 encoded string. Use the Hex String to Binary Base 64 Tactical Assertion (Request from support) to convert a hex string to a binary base64 encoded string if necessary. The value is needing to be know as it will not be with the cipher data.
Director, Technical Support
How can I set up my own IV value while encryption. I believe the assertion uses random IV value while encryption and append that to the encrypted data.
However, if I want to use my own IV value, I don't see any way to do that. Can you please explain this.
I think that Stephen has explained it:
"...The IV can be an explicit value or a context variable containing the IV. Either way, the value must be a binary base64 encoded string. Use the Hex String to Binary Base 64 Tactical Assertion (Request from support) to convert a hex string to a binary base64 encoded string if necessary."
In other words, you would have to either use an online tool to convert the IV from binary to base64 encoded binary or the tactical assertion that Stephen specified, and then use it either explicitely (copy-paste) in the field, or create a variable of type string, copy-paste the base64 value of the IV and then reference that variable in that field.
I hope this helps
Thank you for clarifying what you were looking for. The IV value as you mentioned is set dynamically by the assertion for encrypting as this is the most secure way to ensure random settings so the encrypted value can not be guessed. The IV value in the assertion is only available when decrypting as the IV value may not be included in the data. WE strongly recommend using other more modern methods of encryption.
Director, CA Support
Sp, con you confirm that is NOT possible to specify an own IV when cyphering with the SymmetricKeyEncryptionDecryption Tactical Assertion? It's possible to specify it, in Base64, only in deciphering mode, correct?
Can you help me?
Retrieving data ...