Jump to content
Claris Engage 2025 - March 25-26 Austin Texas ×

This topic is 2456 days old. Please don't post here. Open a new topic instead.

Recommended Posts

Posted

We are working on a process for passing certain info nuggets out of a solution (FMP 13) in an encrypted method.

For various reasons a version upgrade isn't feasible. So the plan is to encrypt the nuggets, then pass them into a format for transport.

Currently, we're using Applescript to pass the particular fields into an AES-256-CBC encryption process in a calculated Applescript step, as follows :

 

Quote

"property targetCell: \"table::field1\" ¶
do shell script \"echo " & field1 & field2 & field3 &" encryptionsaltbit | openssl aes-256-cbc -k thisismypassword -base64\" ¶
copy result to cell targetCell of current record"

 

The problems which concern me here:

1. The password is "traveling" into Terminal in plaintext.   Is there a way this can be viewed during the process (a 'ps' or some other method)??

2. Is there a better method to accomplish this without running as an echo?

 

I've tried various flavors of this process (successful encryption & transport, etc), but am most concerned about the potential vulnerability from within OSX.. I've run various flavors, then attempted to grep for any of the password strings in log files and Library/Application Support/ folders, but haven't found anything...

Is this an unfounded issue, or should I be going a different direction?

  • 1 month later...

This topic is 2456 days old. Please don't post here. Open a new topic instead.

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...

Important Information

By using this site, you agree to our Terms of Use.