There is a similar discussion on stackoverflow about encrypting and decrypting in SA16 where it works with minor issues, but there I have a more specific and problematic question: I do understant why SA12 can not decrypt stuff encrypted in other systems, because it does not has the capability of setting up specific parameters, but what about the other way around, decrypting stuff in C# encrypted in SA12 or earlier? All I know from SA12 documentation is that it uses Rijndael algorithm and has a random IV and the size 128 or 256 can be specified, but I do not know the padding, the cipher mode and am not sure about the data rawness format.
So long story short: Is it possible to decrypt data encrypted in SA12 outside of the database?
asked 21 Mar '14, 03:04
No, it is not possible in v12. The algorithm itself is AES, but the way we break the data up into blocks for encryption, the IV we use, and the way we store the encrypted data are all proprietary and unpublished.
answered 21 Mar '14, 06:38
While I can't tell the details, here's a link to an older similar question from the NNTP archives:
@sybase.com/>">Is encrypt function algorithm true AES
EDIT: Unfortunately, the link seems to be rendered incorrectly because of the contained "@", I suspect), so I paste it as pure text...here
In my understanding, that would mean the encryption/decryption with v12 and below is done in a proprietary fashion and cannot be decrypted/encrypted externally.
You may however go the opposite way and use an external crypto lib within SQL Anywhere via the external call interface and make sure that way that encryption/decryption within and outside the database are compatible.
As to the IV: AFAIK, before v10.0.1 there was no random IV used, v10.0.1 introduced a database option (i.e. the "encrypt_aes_random_iv database option) to use a random IV on demand, and v11 and above will always use a random IV.