Comment on page
AES Cryptography
Learn how to encrypt or decrypt using the AES Cryptography component.
AES Cryptography encrypts or decrypts based on symmetric cryptography.
Take a look at the configuration options for the component. Parameters supported by Double Braces expressions are marked with
(DB).Parameter | Description | Default value | Data type |
|---|---|---|---|
Crypto Operation | Available operation types (Encrypt Fields, Decrypt Fields, Encrypt Payload, and Decrypt Payload). | Encrypt Fields | String |
Account | Account to be used by the component. A Secret Key type account is expected. If you want to use an arbitrary key, then undo the selection of the account and activate the Provide Key Or Generate Random option, in Advanced Settings. | N/A | String |
Fields To Encrypt/Decrypt | Fields to be encrypted/decrypted using a dotted notation (e.g., body.field1, body.field2, body). | a.test | String |
Payload to Encrypt/Decrypt (DB) | Payload to be encrypted/decrypted. | N/A | String |
Algorithm Key Size | Size of the algorithm key, available in 256 bits (necessary to use a 32-byte key), 192 bits (24-byte key), and 128 bits (16-byte key). | 256 bits | Integer (bits) |
Operation Mode | Operation mode to be used (CBC, OFB, CTR, CFB, GCM, or ECB). | CBC | String |
GCM Tag Length | Sets the tag length (128 bits, 120 bits, 112 bits, 104 bits, or 96 bits). This field is available only when GCM is selected in the Operation Mode parameter. | N/A | String |
Padding | Is used in a block cipher in which the blocks are filled with padding bytes (e.g., AES 128 bits uses 16 padding bytes). The NoPadding option is used only when the message to be encrypted surely doesn’t need padding. The correct practice is to always use padding to avoid errors when encrypting/decrypting. | PKCS5Padding | String |
Charset | Charset of the provided key of type string. | UTF-8 | String |
Fail On Error | If the option is active, the execution of the pipeline with an error will be interrupted; otherwise, the pipeline execution proceeds, but the result will show a false value for the “success” property. | False | Boolean |
Advanced Settings | If the option is active, you can access the following configurations: | False | Boolean |
Concatenate IV | An encrypted message is expected/produced with Concatenate IV (IV+MESSAGE); otherwise, an IV parameter will be produced during the encryption, and IV in IV will be expected in the "Decryption" field. | N/A | Boolean |
Provide IV For Encryption | If the option is active, an IV as a parameter for encryption will be expected; otherwise, a parameter with zeroes or a random parameter controlled by parameter Empty IV or Random IV? will be generated. | N/A | Boolean |
Empty IV or Random IV? | If the option is active, an empty IV will be generated (16 bytes of zeroes); otherwise, a random IV will be generated. | N/A | Boolean |
IV as Hex Value | If the option is active, an IV will be expected as hexadecimal; otherwise, base64 is expected. This parameter is not available when Concatenate IV is active. | N/A | String |
Update AAD | Additional authenticated data for the GCM operation. If the option is active, it’s possible to inform the AAD for the GCM operation. This option is available only when GCM is selected in the Operation Mode parameter. | N/A | String |
AAD | Additional authenticated data. Value for the AAD key in the GCM operation. This option is available only when Update AAD is active and when GCM is selected in the Operation Mode parameter. | N/A | String |
IV | Starting vector to be previously informed for encryption/decryption, which should have 16 bytes. This parameter is available only when Provide IV For Encryption is active. | N/A | String |
Provide Key Or Generate Random | If the option is active, a key is expected; otherwise, a random key will be generated. | N/A | Boolean |
Secret Key | Key in Hex or Base64 format (controlled by the Encryption Key As Hex Value parameter). The key must have the bits number in accordance with the Algorithm Key Size parameter. | N/A | String |
Encryption Key As Hex Value | If the option is active, the option expects/produces an Encryption Key as Hex; otherwise, it will be expected/produced as base64. | N/A | Boolean |
Encrypted Message As Hex | If the option is active, the option expects/produces an encrypted message in Hex format; otherwise, it will be expected/produced as base64. | N/A | Boolean |
Important: if you want to use your own key by account, it will be necessary to set a Secret Key account or pass the respective property via Double Braces with the key.
No specific input format is expected.
The same input structure will be expected in the output. If the Concatenate IV option is inactive, a new "IV" property will be generated in the JSON informed for each configured field.
Input
{
"array": [{
"text": "text"
},{
"text": "text2"
}]
}
Concatenate IV inactive:
{
"array": [{
"text": "ENCRYPTED TEXT",
"iv": "SOME BASE64"
},{
"text": "ENCRYPTED TEXT",
"iv": "SOME BASE64"
}]
}
Concatenate IV active:
{
"array": [{
"text": "ENCRYPTED TEXT"
},{
"text": "ENCRYPTED TEXT"
}]
}
The encrypted value will be returned inside the “result” property. If the Concatenate IV option is inactive, a new "IV" property will be generated in the JSON informed for each configured field.
Concatenate IV inactive:
{
"result": "ENCRYPTED TEXT",
"iv": "SOME BASE64"
}
Concatenate IV active:
{
"result": "ENCRYPTED TEXT
}
- Crypto Operation: Encrypt Fields
- Fields To Encrypt/Decrypt: array.text
- Algorithm Key Size: 256
- Operation Mode: CBC
- Padding: PKCS5Padding
- Advanced Settings: active
- Concatenate IV: active
- Provide IV for Encryption: active
- IV: MTIzNDU2Nzg5MDEyMzQ1NjE=
- Provide Key Or Generate Random: active
- Secret Key: MTIzNDU2Nzg5MDEyMzQ1NjEyMzQ1Njc4OTAxMjM0NTY= (It's recommended to store this key in a SECRET-KEY account type)
- Encryption Key As Hex Value: inactive
- Encrypted Message As Hex: inactive
{
"array": [{
"text": "text"
},{
"text": "text2"
}]
}
{
"array":[{
"text": "MTIzNDU2Nzg5MDEyMzQ1Npp1dUf7FzjkLwD9Ezq4FSU="
},{
"text": "MTIzNDU2Nzg5MDEyMzQ1NijQdN4bFfeBL9Z6vCfzMTw="
}]
}
- Crypto Operation: Encrypt Payload
- Payload: text
- Algorithm Key Size: 256
- Operation Mode: CBC
- Padding: PKCS5Padding
- Advanced Settings: active
- Concatenate IV: active
- Provide IV for Encryption: active
- IV: MTIzNDU2Nzg5MDEyMzQ1NjE=
- Provide Key Or Generate Random: active
- Secret Key: MTIzNDU2Nzg5MDEyMzQ1NjEyMzQ1Njc4OTAxMjM0NTY= (It's recommended to store this key in a SECRET-KEY account type)
- Encryption Key As Hex Value: inactive
- Encrypted Message As Hex: inactive
{}
{
"result": "MTIzNDU2Nzg5MDEyMzQ1Npp1dUf7FzjkLwD9Ezq4FSU="
}
- Crypto Operation: Decrypt Fields
- Fields To Encrypt/Decrypt: array.text
- Algorithm Key Size: 256
- Operation Mode: CBC
- Padding: PKCS5Padding
- Advanced Settings: active
- Concatenate IV: active
- Provide IV for Encryption: active
- IV: MTIzNDU2Nzg5MDEyMzQ1NjE=
- Provide Key Or Generate Random: active
- Secret Key: MTIzNDU2Nzg5MDEyMzQ1NjEyMzQ1Njc4OTAxMjM0NTY= (It's advised to store this key in a SECRET-KEY account type)
- Encryption Key As Hex Value: inactive
- Encrypted Message As Hex: inactive
{
"array": [{
"text": "MTIzNDU2Nzg5MDEyMzQ1Npp1dUf7FzjkLwD9Ezq4FSU="
},{
"text": "MTIzNDU2Nzg5MDEyMzQ1NijQdN4bFfeBL9Z6vCfzMTw="
}]
}
{
"array": [{
"text": "text"
},{
"text": "text2"
}]
}
- Crypto Operation: Decrypt Payload
- Payload: MTIzNDU2Nzg5MDEyMzQ1Npp1dUf7FzjkLwD9Ezq4FSU=
- Algorithm Key Size: 256
- Operation Mode: CBC
- Padding: PKCS5Padding
- Advanced Settings: active
- Concatenate IV: active
- Provide IV for encryption: active
- IV: MTIzNDU2Nzg5MDEyMzQ1NjE=
- Provide Key Or Generate Random: active
- Secret Key: MTIzNDU2Nzg5MDEyMzQ1NjEyMzQ1Njc4OTAxMjM0NTY= (It’s recommended to store this key in a SECRET-KEY account type)
- Encryption Key As Hex Value: inactive
- Encrypted Message As Hex: inactive
{}
{
"result": "text"
}
Last modified 1mo ago