RSA Cryptography

Discover more about the RSA Cryptography connector and how to use it on the Digibee Integration Platform.

The RSA Cryptography connector encrypts and decrypts based on the RSA algorithm.

Parameters

Take a look at the configuration parameters of the connector. Parameters supported by Double Braces expressions are marked with (DB).

General tab

Parameter

Description

Default value

Data type

Account

Account to be used by the connector.

N/A

String

Crypto Operation

Available operation types - Encrypt Fields, Decrypt Fields, Encrypt Payload, Decrypt Payload, Unwrap Key, and Wrap Key.

Encrypt Fields

String

Fields To Encrypt/Decrypt

Fields to be encrypted/decrypted using a dotted notation (e.g., body.field1, body.field2, body).

a.test

String

Payload To Encrypt/Decrypt

Payload to be encrypted/decrypted using dotted notation.

N/A

String

Secret Key

Secret Key to be wrapped/unwrapped using dotted notation.

N/A

String

Operation Mode

Operation mode to be used.

ECB

String

Padding

Used in a block cipher where we fill up the blocks with padding bytes (e.g., AES 128 bits uses 16 padding bytes).

OAEPWithSHA-512AndMGF1Padding

String

Charset

Charset of the provided key of type string.

UTF-8

String

Encrypted Message As Hexa

If the option is activated, the secret key response will be in hexadecimal; otherwise, it will be in base64.

False

Boolean

Fail On Error

If the option is enabled, the execution of the pipeline with an error will be interrupted; otherwise, the pipeline execution proceeds, but the result will show a false value for the "success" property.

False

Boolean

Documentation tab

Parameter

Description

Default value

Data type

Documentation

Section for documenting any necessary information about the connector configuration and business rules.

N/A

String

To encrypt or wrap, you must configure a Public Key account. Encrypt operations also support the property key via body with the respective key.

To decrypt or unwrap, you must configure a Private Key account.

Parameters additional information

Wrap and Unwrap Key

Wrap and unwrap operations differ slightly from encrypt and decrypt operations. When you wrap a key, you not only encrypt it but also add integrity protection to ensure the key remains untampered. Similarly, when you unwrap a key, you decrypt it while simultaneously validating its integrity.

In the RSA Cryptography connector, these operations are designed to securely encapsulate a session (or secret) key for transfer through other Digibee connectors, ensuring both confidentiality and integrity.

Since these are experimental features, only one specific configuration is currently supported.

For Wrap Key Crypto Operation

In the Account field, you must select a public key from an RSA 2048-bit key pair.

In the Secret Key field, you must specify a 256-bit AES key from the input payload. Use dotted notation to reference the respective key field.

Values will be encrypted in hexadecimal format.

The RSA wrapping operation will be performed with the following parameters:

Operation Mode: ECB
Padding Scheme: OAEPWithSHA-256AndMGF1Padding

For Unwrap Key Crypto Operation

In the Account field, you must select a private key from an RSA 2048-bit key pair.

In the Secret Key field, you must specify a 256-bit AES key from the input payload. Use dotted notation to reference the respective key field.

Values will be encrypted in hexadecimal format.

The RSA unwrapping operation will be performed with the following parameters:

Operation Mode: ECB
Padding Scheme: OAEPWithSHA-256AndMGF1Padding

Messages flow

Operation: Encrypt Fields

Input

{
    "operation": "encrypt_fields",
    "operationMode": "ECB",
    "padding": "OAEPWithSHA1AndMGF1Padding",
    "encryptedFields": "data,data1",
    "failOnError": true,
    "key": "PoeK/VBTcUyRHFkmWYjckbhsRLnZur6S83lKZ78V51EL3KlDNnPJZkdz+m7joRfOxFuEqU=" // Inform the Key parameter if the Account is not configured
}

Payload

{
    "data": someData,
    "data1": someData1
}

Output

{
    "data": "RXZlbiBpZiBwZXJmZWN0IGNyeXB0b2dyYXBoaWMgcm91dGluZXMgYXJlIH=",
    "data1": "RXZlbiBpZifd441mZWN0IGNyeXB0b2dyYXBoaWMgcm91dGluZXMgYXJlIH="
}

Operation: Decrypt Fields

Input

{
    "operation": "decrypt_fields",
    "operationMode": "ECB",
    "padding": "OAEPWithSHA1AndMGF1Padding",
    "encryptedFields": "data,data1",
    "failOnError": true
}

Payload

{
    "data": "RXZlbiBpZiBwZXJmZWN0IGNyeXB0b2dyYXBoaWMgcm91dGluZXMgYXJlIH=",
    "data1": "RXZlbiBpZifd441mZWN0IGNyeXB0b2dyYXBoaWMgcm91dGluZXMgYXJlIH="
}

Output

{
    "data": someData,
    "data1": someData1
}

Operation: Wrap Key

Payload

{
  "encryptedData": {
    "key": "D379C385D6234349046ABCFD42160E5B461E852A63F53B8FDA3B6ED044332E34"
  }
}

Output

{
  "encryptedData": {
    "key": "1e9fbbe9f77020cd05318d71ae242c68ab62981cc40b0e88c42ad89bb24807e46c6589edbb81bc7271c3824d60c2fa754651325eb2510a7cd82125f4ca9356b0b48d2dea8e8348f68173eabecb096a4c41a4a852ec2fb7cd9b0381d080e9d1e09a0bb614d3bbf550e52fe4583a5fdd47623e13256c69ee434b6c44d2e90de89804f0e0ff1c83f25adeef9ae89e657b79d8270511b9be5ce56a8955b2c8c5356c9639e6556c12c208a58e2d30e554a51d3a45317de54ab7380482f2d9f6d70c0223594b39c1c2f6f1d28301cb128167946082085c6dbf89825b6fc41929380305d4a5009d85c97d3d08f9672e66e71188b02eb23dffcb40271f1bb7b4d2f4fd5b"
  }
}

Operation: Unwrap Key

Payload

{
  "encryptedData": {
    "key": "1e9fbbe9f77020cd05318d71ae242c68ab62981cc40b0e88c42ad89bb24807e46c6589edbb81bc7271c3824d60c2fa754651325eb2510a7cd82125f4ca9356b0b48d2dea8e8348f68173eabecb096a4c41a4a852ec2fb7cd9b0381d080e9d1e09a0bb614d3bbf550e52fe4583a5fdd47623e13256c69ee434b6c44d2e90de89804f0e0ff1c83f25adeef9ae89e657b79d8270511b9be5ce56a8955b2c8c5356c9639e6556c12c208a58e2d30e554a51d3a45317de54ab7380482f2d9f6d70c0223594b39c1c2f6f1d28301cb128167946082085c6dbf89825b6fc41929380305d4a5009d85c97d3d08f9672e66e71188b02eb23dffcb40271f1bb7b4d2f4fd5b"
  }
}

Output

{
  "encryptedData": {
    "key": "D379C385D6234349046ABCFD42160E5B461E852A63F53B8FDA3B6ED044332E34"
  }
}

PreviousPGP NextSymmetric Cryptography

Last updated 27 days ago