IBM Support

IT38145: SUPPORT FOR AES-192/CBC/PKCS5 PADDING ENCRYPTION ALGORITHMS IN AS2

Subscribe to this APAR

By subscribing, you receive periodic emails alerting you to the status of the APAR, along with a link to the fix after it becomes available. You can track this item individually or track all items by product.

Notify me when this APAR changes.

Notify me when an APAR for this component changes.

 

APAR status

  • Closed as program error.

Error description

  • Update from IBM consultant onsite:
    
    ?We have had a test with the Partner.
    
    The transmissions work correctly in both directions with the
    following settings:
    
    AS2 Client: AES-192 / CBC / PKCS5Padding
    AS2 server: 128-bit AES CBC with PKCS5 padding
    Now, we would like to understand why it works.
    
    Attached the log of the EDIINT parse.
    
    FYI. This issue is no blocking the migration at this moments.?
    
    
    
    I will update the JIRA ticket accordingly so that Rashmi can
    analyze the new log provided that shows customer sending data
    encrypted with AES-192 algorithm,
    
    See extracts below, This algorithm is not even available to
    choose from as an encryption algorithm in the AS2 trading
    partner UI but somehow the decryption works.
    
    
    
    EDIINT: Message processing report algorithm
    AES-192/CBC/PKCS5Padding
    
    <enveloped-data-algorithm>AES-192/CBC/PKCS5Padding</enveloped-d
    ata-algorithm>
    

Local fix

  • B2BISFG-57859
    

Problem summary

  • Users Affected:
    All
    Problem Description:
    Currently, the remote partner is using AES-192 and the customer
    is using AES-128, both with PKCS5 padding and this is working
    fine even though SI does not include AES-192 as a default
    algorithm in the UI. Customers need an explanation on why this
    is working and if this is a correct configuration.
    
    Platforms Affected:
    All
    

Problem conclusion

  • Resolution Summary:
    A code fix is provided.
    Provided the option on UI for the customer to select the AES-192
    algorithm for partner configuration.
    
    Delivered in: 6000305
    
    All future Fix Packs can be found in the Release Timeline
    Matrix:  https://www.ibm.com/support/pages/node/6194265
    

Temporary fix

Comments

APAR Information

  • APAR number

    IT38145

  • Reported component name

    STR B2B INTEGRA

  • Reported component ID

    5725D0600

  • Reported release

    603

  • Status

    CLOSED PER

  • PE

    NoPE

  • HIPER

    NoHIPER

  • Special Attention

    NoSpecatt / Xsystem

  • Submitted date

    2021-08-25

  • Closed date

    2021-10-05

  • Last modified date

    2021-10-22

  • APAR is sysrouted FROM one or more of the following:

  • APAR is sysrouted TO one or more of the following:

Fix information

  • Fixed component name

    STR B2B INTEGRA

  • Fixed component ID

    5725D0600

Applicable component levels

[{"Line of Business":{"code":"LOB02","label":"AI Applications"},"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Product":{"code":"SS3JSW","label":"Sterling B2B Integrator"},"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"603"}]

Document Information

Modified date:
23 October 2021