Problem

ST uses AES128 hashes for various strings, and there are two tools that can be used on the command line of the server that allow manual encryption or decryption of strings, should the need arise. These are the aesenc and aesdec and this article explains how to use them.

Resolution

Both tools are located in the $FILEDRIVEHOME/bin/utils folder. Before using them, you need to source the ST environment as shown below.

Source the ST environment on Linux/UNIX servers

1. Go to $FILEDRIVEHOME

2. Run:

. ./profile.sh

Source the ST environment on Windows servers

You will need to use the Cygwin shell. Refer to KB 178648 for infromation how to launch and use the Cygwin shell.

1. Go to $FILEDRIVEHOME as explained in KB 178648.

2. Run:

source ./profile.sh

Once the environment is sourced, you can use the aesenc and aesdec tools.

Using aesenc for encrypting strings

To encrypt the string SomeString to an AES128 hash, use the below command in $FILEDRIVEHOME:

bin/utils/aesenc SomeString

NOTE: Works for both Windows and Linux/UNIX systems.

This will produce a hash similar to {AES128}CKw++MKI0glBlqTMTLdijQ==. This hash can be used in ST, if required.

Using aesdec for decrypting AES128 hashes

In the cases where an exising AES128 hash has to be decrypted to a plain text string, use the below command in $FILEDRIVEHOME:

bin/utils/aesdec {AES128}CKw++MKI0glBlqTMTLdijQ==

NOTE: Use the actual AES128 hash from your system, instead of the example one here. Command works for both Windows and Linux/UNIX systems.

The above command will decrypt the hash to the string SomeString.

NOTE: The AES128 hashes can be decrypted only on the same ST server that created them. Hashes from other servers will not decrypt.