Changes between Version 6 and Version 7 of security/electronic_signatures

Timestamp:

Feb 28, 2013, 5:57:56 PM (11 years ago)

Author:

Sam Habiel

Comment:

--

security/electronic_signatures

@@ -112 +112 @@
  S X=OUTPUT ; X is output
  QUIT
- ;
-RUNTESTS S IO=$P S DIQUIET=1 D DT^DICRW D:$L($T(EN^XTMUNIT)) EN^XTMUNIT($T(+0),1) QUIT
-THASH ; @TEST - Test Hashing
- N DUZ
- S DUZ=1 N X S X="HELLO WORLD" D HASH
- N RESULT1 S RESULT1=X
- S DUZ=1 N X S X="HELLO WORLD" D HASH
- N RESULT2 S RESULT2=X
- D CHKEQ^XTMUNIT(RESULT1,RESULT2,"Hash results are not equal")
- ;
- S DUZ=1 N X S X="HELLO WORLD" D HASH
- N RESULT1 S RESULT1=X
- S DUZ=2 N X S X="HELLO WORLD" D HASH
- N RESULT2 S RESULT2=X
- D CHKTF^XTMUNIT(RESULT1'=RESULT2,"Hash results are not supposed to be equal")
- ;
- S DUZ=1
- N X S X="Hello World" D HASH
- N RESULT1 S RESULT1=X
- N X S X="HELLO WORLD" D HASH
- N RESULT2 S RESULT2=X
- D CHKEQ^XTMUNIT(RESULT1,RESULT2,"Hash results of different cases aren't equal")
- QUIT
- ;
-THASH2 ; @TEST - Test Hashing using main calling routine XUSHSHP
- N DUZ
- S DUZ=1 N X S X="HELLO WORLD" D HASH^XUSHSHP
- N RESULT1 S RESULT1=X
- S DUZ=1 N X S X="HELLO WORLD" D HASH^XUSHSHP
- N RESULT2 S RESULT2=X
- D CHKEQ^XTMUNIT(RESULT1,RESULT2,"Hash results are not equal")
- ;
- S DUZ=1 N X S X="HELLO WORLD" D HASH^XUSHSHP
- N RESULT1 S RESULT1=X
- S DUZ=2 N X S X="HELLO WORLD" D HASH^XUSHSHP
- N RESULT2 S RESULT2=X
- D CHKTF^XTMUNIT(RESULT1'=RESULT2,"Hash results are not supposed to be equal")
- ;
- S DUZ=1
- N X S X="Hello World" D HASH^XUSHSHP
- N RESULT1 S RESULT1=X
- N X S X="HELLO WORLD" D HASH^XUSHSHP
- N RESULT2 S RESULT2=X
- D CHKEQ^XTMUNIT(RESULT1,RESULT2,"Hash results of different cases aren't equal")
- QUIT
- ;
-TENC ; @TEST - Test Encryption
- N VALUE S VALUE="Mary has a little lamb"
- S X=VALUE,X1=1,X2=234234234
- D EN,DE ; encrypt, decrypt X
- D CHKEQ^XTMUNIT(VALUE,X,"Encryption and decryption didn't happen properly")
- ;
- N VALUE2 S VALUE2="Mary has a little lamb"
- S X=VALUE2,X1=88,X2=234234234
- D EN ; encrypt
- N ENCSTR1 S ENCSTR1=X
- S X=VALUE2,X1=1,X2=234234234 ; Different X1
- D EN ; encrypt
- N ENCSTR2 S ENCSTR2=X
- D CHKTF^XTMUNIT(ENCSTR1'=ENCSTR2,"Encrypted strings with different passwords are not supposed to be equal")
- QUIT
- ;
-TENC2 ; @TEST - Test Encryption by calling XUSHSHP
- N VALUE S VALUE="Mary has a little lamb"
- S X=VALUE,X1=1,X2=234234234
- D EN^XUSHSHP,DE^XUSHSHP ; encrypt, decrypt X
- D CHKEQ^XTMUNIT(VALUE,X,"Encryption and decryption didn't happen properly")
- ;
- N VALUE2 S VALUE2="Mary has a little lamb"
- S X=VALUE2,X1=88,X2=234234234
- D EN^XUSHSHP ; encrypt
- N ENCSTR1 S ENCSTR1=X
- S X=VALUE2,X1=1,X2=234234234 ; Different X1
- D EN^XUSHSHP ; encrypt
- N ENCSTR2 S ENCSTR2=X
- D CHKTF^XTMUNIT(ENCSTR1'=ENCSTR2,"Encrypted strings with different passwords are not supposed to be equal")
- QUIT
-LENGTH ; @TEST - Test Lengths
- N X,X1,X2,I
- S (X1,X2)=982734987234
- W !
- F I=1:1:60 K X S $P(X,"A",I)="A" W $L(X) D EN W ?30,$L(X),!
- QUIT
 }}}
 
@@ -225 +142 @@
         I $L($G(^UJO(400000001.3,IEN,1))) X ^(1) QUIT  ; Try Implementation specific first
         I $L($G(^UJO(400000001.1,IEN,2))) X ^(2) QUIT  ; Otherwise, use default one
-        ;
-        ;
-        ;
-RUNTESTS I $L($T(EN^XTMUNIT)) S IO=$P,DIQUIET=1 D DT^DICRW,EN^XTMUNIT($T(+0),1) QUIT
-TESTAPI ; @TEST - Test calling X(APINAME) with existent and non-existent entries.
-        N X,X1,X2
-        D X("UNIT TEST ENTRY")
-        D CHKEQ^XTMUNIT(X,"HELLO WORLD","API wasn't called")
-        ;
-        N STR S STR="HELLO WORLD2"
-        S X=STR,X1="LKJSDF",X2=23432
-        D X("ENCRYPT STRING")
-        D CHKTF^XTMUNIT(X'="HELLO WORLD2","Encrypt failed")
-        D X("DECRYPT STRING")
-        D CHKEQ^XTMUNIT(X,"HELLO WORLD2","Encrypt/Decrypt failed")
-        ;
-        D X("LKSJDKLFDF") ; Make sure there is no crash
-        QUIT
 }}}
 
@@ -380 +279 @@
 }}}
 
+Please note that while the above conversion can be made rerun-safe, this is not taken into consideration here. This code can only be run once without it proving to be harmful. However, if it is ran again, the reverse operation can be performed to correct the action of the second run.
+
+I didn't write example code for Radiology/Nuclear Medicine as I don't have test data in that package.
+
+== Impact on the rest of VISTA ==
+Analysis of the impact will take two phases: That of the Hash and that of the change in encryption.
+
+=== Impact of the new hashing algorithm ===
+Replacement of the Hash algorithm presents no foreseable problems. The maximum length of the output of the new hash is identical to the maximum length of the old. You only need to ensure that at the time of installing the new hash you convert the old unencrypted electronic signatures into the hashed form so that the user's electronic signatures will continue working. 
+
+=== Impact of the new encryption algorithm ===
+This area is far more problematic for two reasons: the output of the hash is random data (which Fileman cannot store), and with block ciphers input is padded to achieve block size. Both of these issues mean that to achieve proper encryption, you will need to base64 encode output from a block cipher so the result can be stored in Fileman. In the end, it means that the encrypted data is much longer than the original data (but not quite double the size). This means that we need to expand the Fileman fields where the encrypted data is stored. The KIDS file accompanying this article expands the 4 TIU fields that store encrypted data to 120 characters each from 60 characters. It's anticipated that other fields (especially field 10 in File 74) will need to be expanded depending on the number of packages you are using. The alternative is to change the encryption algorithm to something much weaker (even rot5) to be able to retain the current sizes.
+
+The following is an analysis of all the impacted area in VISTA:
+{{{
+r/DVBCHLUT.m: D EN^XUSHSHP
+HINQ package. Unused.
+
+r/EEOEEXMT.m:LONG K EEOPT S EENOD=DECR,EEOL=$L(EENOD),EEOC="" F EEOC=0:50:250 S X=$E(EENOD,EEOC+1,EEOC+50) Q:X=""  D EN^XUSHSHP D
+r/EEOEEXMT.m: D EN^XUSHSHP S ^TMP($J,FEE)=X
+r/EEOEEXMT.m: I $L(DECR)<50 S X=DECR,X2=FEE+1 D EN^XUSHSHP S ^TMP($J,FEE+1)=X,FEE=FEE+2 Q
+r/EEOEXMT2.m: K EEOPT S EENOD=DECR,EEOL=$L(EENOD),EEOC="" F EEOC=0:50:250 S X=$E(EENOD,EEOC+1,EEOC+50) Q:X=""  D EN^XUSHSHP D
+r/EEOEXMT2.m: D EN^XUSHSHP S ^TMP($J,FEE)=X
+r/EEOEXMT2.m: I $L(DECR)<50 S X=DECR,X2=FEE+1 D EN^XUSHSHP S ^TMP($J,FEE+1)=X,FEE=FEE+2 Q
+EEO COMPLAINT TRACKING. Unused.
+
+r/ENTIUTL1.m: . S X=ENSTR,X1=ENDA,X2=1 D EN^XUSHSHP S ENSTRH=X ; hashed string
+ENGINEERING. Unused.
+
+r/MCESPRT.m: D EN^XUSHSHP
+MEDICINE. Probably unused. Used only by $$ENCODE^MCESPRT which is only called from SIGN^MCESEDT2 on the CLI.
+
+r/OOPSESIG.m: W "  ... signed." S X=ESNAM,X1=DUZ,X2=IEN D EN^XUSHSHP S ESIG=DUZ_"^"_X
+r/OOPSGUIS.m: D EN^XUSHSHP
+r/OOPSVAL1.m: D EN^XUSHSHP
+Automated Safety Incident Surveillance Tracking System. Unused.
+
+r/PRCASIG.m: D EN^XUSHSHP
+r/PRCUESIG.m:ENCODE(X,X1,X2) D EN^XUSHSHP Q X
+IFCAP. Not sure if it's used.
+
+r/PRPFSIG.m:ENCODE(X,X1,X2) D EN^XUSHSHP Q X
+Patient Funds. Direct Global Set. No risk.
+
+r/PRSAOTX.m: S X=ESNAM,X1=DUZ,X2=DA D EN^XUSHSHP
+Global Set. No risk.
+r/PRSASC1.m: S DFN=$P(AP(1,DA),"^",1),ACT=$P(AP(1,DA),"^",2),COM=$P(AP(1,DA),"^",3),X=ESNAM,X1=DUZ,X2=DA D EN^XUSHSHP
+r/PRSASC1.m: S DFN=$P(AP(2,DA),"^",1),ACT=$P(AP(2,DA),"^",2),COM=$P(AP(2,DA),"^",3),X=ESNAM,X1=DUZ,X2=DA D EN^XUSHSHP
+r/PRSASC1.m: S DFN=$P(AP(3,DA),"^",1),ACT=$P(AP(3,DA),"^",2),COM=$P(AP(3,DA),"^",3),X=ESNAM,X1=DUZ,X2=DA D EN^XUSHSHP
+r/PRSASC1.m: S X=ESNAM,X1=DUZ,X2=DFN D EN^XUSHSHP
+All global sets. No risk.
+PAID. 
+
+r/RACTVR4.m:X11 S X1=RASIG("PER"),X=RASIG("NAME"),X2=DA D EN^XUSHSHP S RASIGCDE=X
+r/RACTVR.m:X34 S X1=RASIG("PER"),X=RASIG("NAME"),X2=DA D EN^XUSHSHP S RASIGCDE=X
+r/RACTWR2.m:X5 S X1=RASIG("PER"),X=RASIG("NAME"),X2=DA D EN^XUSHSHP S RASIGCDE=X
+r/RACTWR4.m:X5 S X1=RASIG("PER"),X=RASIG("NAME"),X2=DA D EN^XUSHSHP S RASIGCDE=X
+r/RAHLO1.m:LOCK1 I $D(RAESIG) S X=RAESIG,X1=$G(RAVERF),X2=RARPT D EN^XUSHSHP S RAESIG=X
+74,10         ELECTRONIC SIGNATURE CODE 0;10 FREE TEXT
+
+              INPUT TRANSFORM:  K:$L(X)>50!($L(X)<1) X
+              OUTPUT TRANSFORM: S Y="  <Hidden>"
+***THIS NEEDS TO CHANGE LENGTH TO 80 CHARACTERS AND RECORDS CONVERTED!***
+Radiology
+
+r/RMPOBILU.m: D EN^XUSHSHP
+r/RMPR4LI.m: D EN^XUSHSHP Q X
+r/RMPRSEC.m: D EN^XUSHSHP Q X
+Home Oxygen Billing. Unused.
+
+r/SPNLGUCD.m: D EN^XUSHSHP
+Spinal code dysfunction. Unused.
+
+r/TIULC1.m: D EN^XUSHSHP
+TIU Already accounted for.
+
+r/VAQHSH1.m: I ('DCRYPT) D EN^XUSHSHP Q X
+PATIENT DATA EXHANGE. Unused.
+
+r/XUSESIG1.m: S X=ESBLK,X1=+CHKSUM,X2=1 D EN^XUSHSHP
+API. Not referenced anywhere.
+
+r/XUSTZ.m: S X1=IOS,X2=DT F I=1:1:XUF(.2) S X=XUF(I) D EN^XUSHSHP S XUF(I)=X
+Only used as hashing it seems. Global set. Throw away data. No action needed.
+
+No matches in the DD global.
+}}}