PBE Cryptography

Know the component and how to use it.
PBE Cryptography makes encryption and decryption operations using PBE algorithm (Password Based Encryption).
Take a look at the configuration parameters of the component:
Crypto Operation: available operation types - ENCRYPT FIELDS, DECRYPT FIELDS, ENCRYPT PAYLOAD and DECRYPT PAYLOAD.
Account: account to be used by the component - a SECRET-KEY type account is expected.
Iteration Count: number of iterations with Salt.
Algorithm: algorithm type to be used.
Fields To Encrypt/Decrypt: fields to be encrypted/decrypted using a dotted notation (eg.: body.field1,body.field2,body).
Charset: encoding type.
Secret Key Type: secret key format (String, Hexadecimal or Base64).
Fail On Error: if the option is activated, the pipeline with error execution will be suspended; otherwise, the pipeline execution continues, but the result will show a false value for the success property.
Advanced Settings: advanced configurations.
Use Key From Payload: if activated, the option will use the payload secret key.
Secret Key: key in Hex or Base64 format.
Use Salt From Payload: if activated, the option will use the payload Salt; otherwise, a new Salt will be generated.
Salt: random data string used to change a password hash.
Encryption Key As Hex Value: if the option is activated, the secret key response will be in hexadecimal; otherwise, it will be in Base64 if the "Use Key From Payload" option is also activated.
Salt As Hex Value: if the option is activated, the secret key response will be in hexadecimal; otherwise, it will be in Base64.
Encrypted Message As Hex: if the option is activated, the secret key response will be in hexadecimal; otherwise, it will be in Base64.
Messages flow
Encrypt via fields
Input
{  
    "accountLabel": "account",  
    "params": {    
        "operation": "encrypt_fields",    
        "iterationCount": 1000,    
        "keyType": "STRING",    
        "algorithm": "PBEWithMD5AndDES",    
        "encryptedFields": "a.test",    
        "failOnError": true  
    }
}
Payload
{  
    "a": {    
        "test": "test"  
    }
}
Output
{  
    "a": {    
        "test": "ZmRmcw=="  
    },  
    "_salt": "ZmRmcwZmRmcw=="
}
Decrypt via field
Input
{  
    "accountLabel": "account",  
    "params": {    
        "operation": "decrypt_fields",    
        "iterationCount": 1000,    
        "keyType": "STRING",    
        "algorithm": "PBEWithMD5AndDES",    
        "encryptedFields": "a.test",    
        "useSaltFromPayload": true,    
        "salt": "{{ message._salt }}",    
        "failOnError": true  
    }
}
Payload
{  
    "a": {    
        "test": "ZmRmcw=="  
    },  
    "_salt": "ZmRmcwZmRmcw=="
}
Output
{  
    "a": {    
        "test": "test"  
    },  
    "_salt": "ZmRmcwZmRmcw=="
}
Encrypt via payload
Input
{
    "accountLabel": "pbe",    
        "params": {        
            "operation": "encrypt_payload",        
            "iterationCount": 1000,        
            "payload": "{{ message.a.test }}",        
            "keyType": "STRING",        
            "algorithm": "PBEWithMD5AndDES",        
            "failOnError": true    
        }
    }
Payload
{  
    "a": {    
        "test": "test"  
    }
}
Output
{  
    "a": {    
        "test": "test"  
    },  
    "result": "ZmRmcw==",  
    "_salt": "ZmRmcwZmRmcw=="
}
Decrypt via payload
Input
{
    "accountLabel": "pbe",    
    "params": {        
            "operation": "decrypt_payload",        
            "iterationCount": 1000,        
            "payload": "{{ message.a.test }}",        
            "keyType": "STRING",        
            "algorithm": "PBEWithMD5AndDES",        
            "useSaltFromPayload": true,
            "salt": "{{ message._salt }}",        
            "failOnError": true    
     }
}
Payload
{  
    "a": {    
        "test": "ZmRmcw=="  
    }
}
Output
{  
    "a": {    
        "test": "ZmRmcw=="  
    },  
    "result": "test",  
    "_salt": "ZmRmcwZmRmcw=="
}
LDAP
PGP
Last modified 2mo ago