EN-US
Ask or search…
K
Links
Comment on page

AES Cryptography

Learn how to encrypt or decrypt using the AES Cryptography component.
AES Cryptography encrypts or decrypts based on symmetric cryptography.

Parameters

Take a look at the configuration options for the component. Parameters supported by Double Braces expressions are marked with (DB).
Parameter
Description
Default value
Data type
Crypto Operation
Available operation types (Encrypt Fields, Decrypt Fields, Encrypt Payload, and Decrypt Payload).
Encrypt Fields
String
Account
Account to be used by the component. A Secret Key type account is expected.
If you want to use an arbitrary key, then undo the selection of the account and activate the Provide Key Or Generate Random option, in Advanced Settings.
N/A
String
Fields To Encrypt/Decrypt
Fields to be encrypted/decrypted using a dotted notation (e.g., body.field1, body.field2, body).
a.test
String
Payload to Encrypt/Decrypt (DB)
Payload to be encrypted/decrypted.
N/A
String
Algorithm Key Size
Size of the algorithm key, available in 256 bits (necessary to use a 32-byte key), 192 bits (24-byte key), and 128 bits (16-byte key).
256 bits
Integer (bits)
Operation Mode
Operation mode to be used (CBC, OFB, CTR, CFB, GCM, or ECB).
CBC
String
GCM Tag Length
Sets the tag length (128 bits, 120 bits, 112 bits, 104 bits, or 96 bits). This field is available only when GCM is selected in the Operation Mode parameter.
N/A
String
Padding
Is used in a block cipher in which the blocks are filled with padding bytes (e.g., AES 128 bits uses 16 padding bytes). The NoPadding option is used only when the message to be encrypted surely doesn’t need padding. The correct practice is to always use padding to avoid errors when encrypting/decrypting.
PKCS5Padding
String
Charset
Charset of the provided key of type string.
UTF-8
String
Fail On Error
If the option is active, the execution of the pipeline with an error will be interrupted; otherwise, the pipeline execution proceeds, but the result will show a false value for the “success” property.
False
Boolean
Advanced Settings
If the option is active, you can access the following configurations:
False
Boolean
Concatenate IV
An encrypted message is expected/produced with Concatenate IV (IV+MESSAGE); otherwise, an IV parameter will be produced during the encryption, and IV in IV will be expected in the "Decryption" field.
N/A
Boolean
Provide IV For Encryption
If the option is active, an IV as a parameter for encryption will be expected; otherwise, a parameter with zeroes or a random parameter controlled by parameter Empty IV or Random IV? will be generated.
N/A
Boolean
Empty IV or Random IV?
If the option is active, an empty IV will be generated (16 bytes of zeroes); otherwise, a random IV will be generated.
N/A
Boolean
IV as Hex Value
If the option is active, an IV will be expected as hexadecimal; otherwise, base64 is expected. This parameter is not available when Concatenate IV is active.
N/A
String
Update AAD
Additional authenticated data for the GCM operation. If the option is active, it’s possible to inform the AAD for the GCM operation. This option is available only when GCM is selected in the Operation Mode parameter.
N/A
String
AAD
Additional authenticated data. Value for the AAD key in the GCM operation. This option is available only when Update AAD is active and when GCM is selected in the Operation Mode parameter.
N/A
String
IV
Starting vector to be previously informed for encryption/decryption, which should have 16 bytes. This parameter is available only when Provide IV For Encryption is active.
N/A
String
Provide Key Or Generate Random
If the option is active, a key is expected; otherwise, a random key will be generated.
N/A
Boolean
Secret Key
Key in Hex or Base64 format (controlled by the Encryption Key As Hex Value parameter). The key must have the bits number in accordance with the Algorithm Key Size parameter.
N/A
String
Encryption Key As Hex Value
If the option is active, the option expects/produces an Encryption Key as Hex; otherwise, it will be expected/produced as base64.
N/A
Boolean
Encrypted Message As Hex
If the option is active, the option expects/produces an encrypted message in Hex format; otherwise, it will be expected/produced as base64.
N/A
Boolean
Important: if you want to use your own key by account, it will be necessary to set a Secret Key account or pass the respective property via Double Braces with the key.

Messages flow

Input

No specific input format is expected.

Output

Crypto Operation: Encrypt Fields or Decrypt Fields

The same input structure will be expected in the output. If the Concatenate IV option is inactive, a new "IV" property will be generated in the JSON informed for each configured field.

Example

Input
{
"array": [{
"text": "text"
},{
"text": "text2"
}]
}
Concatenate IV inactive:
{
"array": [{
"text": "ENCRYPTED TEXT",
"iv": "SOME BASE64"
},{
"text": "ENCRYPTED TEXT",
"iv": "SOME BASE64"
}]
}
Concatenate IV active:
{
"array": [{
"text": "ENCRYPTED TEXT"
},{
"text": "ENCRYPTED TEXT"
}]
}

Crypto Operation: Encrypt Payload or Decrypt Payload

The encrypted value will be returned inside the “result” property. If the Concatenate IV option is inactive, a new "IV" property will be generated in the JSON informed for each configured field.
Concatenate IV inactive:
{
"result": "ENCRYPTED TEXT",
"iv": "SOME BASE64"
}
Concatenate IV active:
{
"result": "ENCRYPTED TEXT
}

AES Cryptography in Action

Cryptography Encrypt Fields

  • Crypto Operation: Encrypt Fields
  • Fields To Encrypt/Decrypt: array.text
  • Algorithm Key Size: 256
  • Operation Mode: CBC
  • Padding: PKCS5Padding
  • Advanced Settings: active
  • Concatenate IV: active
  • Provide IV for Encryption: active
  • IV: MTIzNDU2Nzg5MDEyMzQ1NjE=
  • Provide Key Or Generate Random: active
  • Secret Key: MTIzNDU2Nzg5MDEyMzQ1NjEyMzQ1Njc4OTAxMjM0NTY= (It's recommended to store this key in a SECRET-KEY account type)
  • Encryption Key As Hex Value: inactive
  • Encrypted Message As Hex: inactive

Input

{
"array": [{
"text": "text"
},{
"text": "text2"
}]
}

Output

{
"array":[{
"text": "MTIzNDU2Nzg5MDEyMzQ1Npp1dUf7FzjkLwD9Ezq4FSU="
},{
"text": "MTIzNDU2Nzg5MDEyMzQ1NijQdN4bFfeBL9Z6vCfzMTw="
}]
}

Cryptography Encrypt Payload

  • Crypto Operation: Encrypt Payload
  • Payload: text
  • Algorithm Key Size: 256
  • Operation Mode: CBC
  • Padding: PKCS5Padding
  • Advanced Settings: active
  • Concatenate IV: active
  • Provide IV for Encryption: active
  • IV: MTIzNDU2Nzg5MDEyMzQ1NjE=
  • Provide Key Or Generate Random: active
  • Secret Key: MTIzNDU2Nzg5MDEyMzQ1NjEyMzQ1Njc4OTAxMjM0NTY= (It's recommended to store this key in a SECRET-KEY account type)
  • Encryption Key As Hex Value: inactive
  • Encrypted Message As Hex: inactive

Input

{}

Output

{
"result": "MTIzNDU2Nzg5MDEyMzQ1Npp1dUf7FzjkLwD9Ezq4FSU="
}

Decryption Decrypt Fields

  • Crypto Operation: Decrypt Fields
  • Fields To Encrypt/Decrypt: array.text
  • Algorithm Key Size: 256
  • Operation Mode: CBC
  • Padding: PKCS5Padding
  • Advanced Settings: active
  • Concatenate IV: active
  • Provide IV for Encryption: active
  • IV: MTIzNDU2Nzg5MDEyMzQ1NjE=
  • Provide Key Or Generate Random: active
  • Secret Key: MTIzNDU2Nzg5MDEyMzQ1NjEyMzQ1Njc4OTAxMjM0NTY= (It's advised to store this key in a SECRET-KEY account type)
  • Encryption Key As Hex Value: inactive
  • Encrypted Message As Hex: inactive

Input

{
"array": [{
"text": "MTIzNDU2Nzg5MDEyMzQ1Npp1dUf7FzjkLwD9Ezq4FSU="
},{
"text": "MTIzNDU2Nzg5MDEyMzQ1NijQdN4bFfeBL9Z6vCfzMTw="
}]
}

Output

{
"array": [{
"text": "text"
},{
"text": "text2"
}]
}

Decryption Decrypt Payload

  • Crypto Operation: Decrypt Payload
  • Payload: MTIzNDU2Nzg5MDEyMzQ1Npp1dUf7FzjkLwD9Ezq4FSU=
  • Algorithm Key Size: 256
  • Operation Mode: CBC
  • Padding: PKCS5Padding
  • Advanced Settings: active
  • Concatenate IV: active
  • Provide IV for encryption: active
  • IV: MTIzNDU2Nzg5MDEyMzQ1NjE=
  • Provide Key Or Generate Random: active
  • Secret Key: MTIzNDU2Nzg5MDEyMzQ1NjEyMzQ1Njc4OTAxMjM0NTY= (It’s recommended to store this key in a SECRET-KEY account type)
  • Encryption Key As Hex Value: inactive
  • Encrypted Message As Hex: inactive

Input

{}

Output

{
"result": "text"
}
Last modified 1mo ago