Links

PBE Cryptography

Know the component and how to use it.
PBE Cryptography makes encryption and decryption operations using PBE algorithm (Password Based Encryption).
Take a look at the configuration parameters of the component:
  • Crypto Operation: available operation types - ENCRYPT FIELDS, DECRYPT FIELDS, ENCRYPT PAYLOAD and DECRYPT PAYLOAD.
  • Account: account to be used by the component - a SECRET-KEY type account is expected.
  • Iteration Count: number of iterations with Salt.
  • Algorithm: algorithm type to be used.
  • Fields To Encrypt/Decrypt: fields to be encrypted/decrypted using a dotted notation (eg.: body.field1,body.field2,body).
  • Charset: encoding type.
  • Secret Key Type: secret key format (String, Hexadecimal or Base64).
  • Fail On Error: if the option is activated, the pipeline with error execution will be suspended; otherwise, the pipeline execution continues, but the result will show a false value for the success property.
  • Advanced Settings: advanced configurations.
  • Use Key From Payload: if activated, the option will use the payload secret key.
  • Secret Key: key in Hex or Base64 format.
  • Use Salt From Payload: if activated, the option will use the payload Salt; otherwise, a new Salt will be generated.
  • Salt: random data string used to change a password hash.
  • Encryption Key As Hex Value: if the option is activated, the secret key response will be in hexadecimal; otherwise, it will be in Base64 if the "Use Key From Payload" option is also activated.
  • Salt As Hex Value: if the option is activated, the secret key response will be in hexadecimal; otherwise, it will be in Base64.
  • Encrypted Message As Hex: if the option is activated, the secret key response will be in hexadecimal; otherwise, it will be in Base64.

Messages flow

Encrypt via fields

Input

{
"accountLabel": "account",
"params": {
"operation": "encrypt_fields",
"iterationCount": 1000,
"keyType": "STRING",
"algorithm": "PBEWithMD5AndDES",
"encryptedFields": "a.test",
"failOnError": true
}
}

Payload

{
"a": {
"test": "test"
}
}

Output

{
"a": {
"test": "ZmRmcw=="
},
"_salt": "ZmRmcwZmRmcw=="
}

Decrypt via field

Input

{
"accountLabel": "account",
"params": {
"operation": "decrypt_fields",
"iterationCount": 1000,
"keyType": "STRING",
"algorithm": "PBEWithMD5AndDES",
"encryptedFields": "a.test",
"useSaltFromPayload": true,
"salt": "{{ message._salt }}",
"failOnError": true
}
}

Payload

{
"a": {
"test": "ZmRmcw=="
},
"_salt": "ZmRmcwZmRmcw=="
}

Output

{
"a": {
"test": "test"
},
"_salt": "ZmRmcwZmRmcw=="
}

Encrypt via payload

Input

{
"accountLabel": "pbe",
"params": {
"operation": "encrypt_payload",
"iterationCount": 1000,
"payload": "{{ message.a.test }}",
"keyType": "STRING",
"algorithm": "PBEWithMD5AndDES",
"failOnError": true
}
}

Payload

{
"a": {
"test": "test"
}
}

Output

{
"a": {
"test": "test"
},
"result": "ZmRmcw==",
"_salt": "ZmRmcwZmRmcw=="
}

Decrypt via payload

Input

{
"accountLabel": "pbe",
"params": {
"operation": "decrypt_payload",
"iterationCount": 1000,
"payload": "{{ message.a.test }}",
"keyType": "STRING",
"algorithm": "PBEWithMD5AndDES",
"useSaltFromPayload": true,
"salt": "{{ message._salt }}",
"failOnError": true
}
}

Payload

{
"a": {
"test": "ZmRmcw=="
}
}

Output

{
"a": {
"test": "ZmRmcw=="
},
"result": "test",
"_salt": "ZmRmcwZmRmcw=="
}
Last modified 2mo ago