The following functions are provided as built-in functions in PeopleCode for encryption/decryption:
The syntax for these functions:
Encrypt (KeyString, ClearText) returns CipherText Decrypt (KeyString, CipherText) returns ClearText Hash (ClearText) returns CipherText EncryptNodePswd(ClearText) returns CipherText
Ciphertext is the term used in cryptography to refer to text once it has been encrypted. Cleartext is the plain text before any encryption is applied.
Decrypt functions rely on a key string which is used as part of the encryption. Note that the key string can be blank so you can simply issue the commands
Decrypt(CipherText). It is a good idea to trim spaces from the start and finish of your clear text.
ltrim like this to remove spaces:
&strCipherText = encrypt("", rtrim(ltrim(&strClearText)));
Hash function can only be used to encrypt clear text (one way) - PeopleSoft doesn't provide the equivalent decryption function (for good reason). The
Hash function is the same algorithm (and key) that is used to encrypt the passwords in the
OPERPSWD field in the
PSOPRDEFN table (user passwords).
EncryptNodePswd can only be used to encrypt clear text. It is used to encrypt the password used by Integration Broker nodes. This is the encrypted password stored in the
IBPASSWORD field in the
ACCESSPSWD stored in
PSACCESSPRFL use whatever algorithm is run when issuing the
CHANGE_ACCESS_PASSWORD command in data mover. The
ACCESSID is used as the key for the encryption algorithm. This is the symbolic ID configured when installing PeopleSoft.
The encrypted passwords stored in the application server configuration (
psappsrv.cfg) and process scheduler configuration (
psprcs.cfg) files use the same internal algorithm as the
CHANGE_ACCESS_PASSWORD command in data mover. This is the case for other applications such as configuration manager and application designer.
integrationGateway.properties file contains encrypted passwords for each node. When accessing this through advanced gateway properties, you are provided with an area to generate passwords. Alternatively you can run the delivered password encryption utility,
PSCipher. This is a Java program found on your PeopleSoft web server.
The syntax for encryption is (Windows and Unix):
pscipher.bat ClearText pascipher.sh ClearText
For security reasons you should generate a unique
PSCipher encryption key using:
pscipher.bat -buildkey pascipher.sh -buildkey