Hi
I have created a new secret encryption key. In my Notes client. I have a form on which I selected the encrypted key on the security tab. On the form I have 2 fields of which I have set the security options to “Enable encryption for this field”.
Next I have an agent that must create documents with this form. The documents must ( ofcourse) be encrypted and have the $Seal and $SealData fields. If I run the agent the documents are created but the 2 $ fields are not present on the document and the document is not encrypted.
This is the cod ein the agent I use:
Set doc = New NotesDocument( db )
doc.Form = “KeyDoc”
Dim keys( 1 To 1 ) As String
keys( 1 ) = “IDRepository”
doc.EncryptionKeys = keys
Call doc.Encrypt
doc.Subject = “Key Document”
Call doc.Save( True, True )
But if I manually open en save the document the fields are created. But not through an automated process like an agent.
Does anyone have an idea why the 2 $ fields are not on the document and why the document is not encrypted?
Regards
Subject: Create an encrypted document through lotusscript
add the computewithForm method before save
Subject: RE: Create an encrypted document through lotusscript
Hi
I have plced the computewithform, but no luck .
Subject: Create an encrypted document through lotusscript
This is just a logical guess but since scheduled agents are run by the server you will likely have to import the secret encryption key into the server ID so that the key is available for the document to be encrypted.
Subject: RE: Create an encrypted document through lotusscript
Hi
For testing I am running the agent with my own ID. This agent has the encryptd key in the ID. Or else I was not able to manually open and save the document. After doing this manually I can see the $ fields and the document is encrypted.
Regards
Subject: RE: Create an encrypted document through lotusscript
try creating a SecretEncryptionKeys field on your form and populate it with the name of the key you are using to encrypt the documents.
Subject: RE: Create an encrypted document through lotusscript
Hi
This field is already automaticcally created with the agent.
Subject: RE: Create an encrypted document through lotusscript
Your agent code is creating an item called EncryptionKeys.
You need to create an item called SecretEncyrptionKeys.
It’s also unclear to me why you are declaring an array with index 1. No idea if that works in this context. Maybe it does, but changing that would be my next suggestion.
Subject: RE: Create an encrypted document through lotusscript
Hi
The field SecretEncyrptionKeys is automatically created with the name of the encryption key in it. Should I still place the code line in the agent to create this fiel anyway on the form?
Regards
Subject: RE: Create an encrypted document through lotusscript
Ah… silly me. I forgot that EncryptionKeys is a LotusScript property, not a field name. You only need to add the SecretEncryptionKeys field in front-end code, not in an agent. But what I believe you do need to do is to set the isEncrypted property for each NotesItem that you want encrypted, as in:
Set item = doc.GetFirstItem(“field1”)
item.isEncrypted = True
Subject: RE: Create an encrypted document through lotusscript
Hi,
What do you mean with front-end code? I only use the agent to create the documents.
I already used the code item.isEncrypted = True in myagent.
Regards
Subject: RE: Create an encrypted document through lotusscript
Front-end code means code running in event handlers, using the NotesUI classes.
If you’re already setting isEncrypted (which you didn’t show in the code you posted), then I have no clue at this point.
Subject: RE: Create an encrypted document through lotusscript
ok, So what you mean is that the agent will create the document automatically. but when a user opens that same document the QueryOpen event or PostOpen event will create the field SecretEncryptionKeys on the document?But without opening the document I can see that that field is already created with the name of the secret encryption key.
You are right, the code in my original posting didn’t had the codeline isEncrypted. I changed that during the discussion we had.
Now my code looks likt this:
doc.password = “12345678”
Dim itemB As NotesItem
Dim itemA As NotesItem
Set itemB = doc.GetFirstItem(“password” )
Set itemA = doc.GetFirstItem(“attachment” )
itemB.IsEncrypted = True
itemA.IsEncrypted = True
doc.EncryptionKeys = “IDRepository”
Call doc.Encrypt
Call doc.ComputeWithForm( True, False )
Call doc.Save( True, True )
Regards
Subject: SOLUTION!!!
Hi
I have solved the problem. The cause of the document not being encryptd was caused by the order of the lotusscript code.
I had this order:
Call doc.Encrypt
Call doc.ComputeWithForm( True, False )
Call doc.Save( True, True )
And it should be this:
Call doc.ComputeWithForm( True, False )
Call doc.Encrypt
Call doc.Save( True, True )
Reason:
The Encrypt method should allways be the last action before the document is saved. Otherwise the document sees an adjustment in the document and places the IsEncrypt property to False.
So finally my problem si solved!! Thank you for the time.
I have 1 last small question. Is it possible to show the secret encryption key(s) of the current active user in a field?
Kind Regards
Subject: RE: SOLUTION!!!
Unfortunately, no, there is no way to read the list of stored encryption keys from the current ID. I’ve been asking for that from IBM for years – since before I wrote this article: IBM Developer
Glad you found the solution. Needing to make doc.Encrypt the last operation before doc.Save is certainly an interesting and non-obvious requirement.