Links

Symmetric Cryptography

Know the component and how to use it.
Symmetric Cryptography encrypts and decrypts based on symmetric cryptography.
Take a look at the configuration parameters of the component:
  • Crypto Operation: available operation types - ENCRYPT and DECRYPT.
  • Account: account which will be used by the component. A PRIVATE-KEY account is expected. The size configured on the Algorithm Key Size parameter must match the PRIVATE-KEY algorithm size. Otherwise, an error message will be returned.
  • Fields To Encrypt/Decrypt: fields to be encrypted/decrypted using a dotted notation (eg.: body.field1,body.field2,body).
  • Algorithm: algorithm to be used to encrypt/decrypt data.
  • Algorithm Key Size: size of the algorithm key. As stated previously, the size configured in this parameter must match the PRIVATE-KEY algorithm size.
  • Operation Mode: operation mode to be used.
  • Padding: is used in a block cipher where we fill up the blocks with padding bytes (eg.: AES 128 bits uses 16 padding bytes).
  • Fail On Error: if the option is enabled, the execution of the pipeline with error will be interrupted; otherwise, the pipeline execution proceeds, but the result will show a false value for the “success” property.
  • Advanced Settings: advanced configurations.
  • Use IV: this option is valid only for the ENCRYPT operation. If selected, the option determines the IV (initialization vector) for the CBC mode.
  • Use Your Own Key: if selected, the option will use your own key generated to encrypt and decrypt data.
  • Encryption Key As Hex Value: if selected, the option expects/produces an Encryption Key as Hex; otherwise, it will be expected/produced as base64.
  • Concatenate IV: an encrypted message is expected/produced with Concatenate IV (IV+MESSAGE); otherwise, an IV parameter will be produced during the encryption and IV in IV will be expected in the "Decryption" field.
  • IV as Hex Value: this option is not available if Concatenate IV is enabled. If selected, the option expects/produces an IV parameter in Hex format; otherwise, it will be expected/produced as base64.
  • Encrypted Message As Hex: if selected, the option expects/produces an encrypted message in Hex format; otherwise, it will be expected/produced as base64.

Messages flow

KEY by ACCOUNT - Operation ENCRYPT

Input

{
"operation": "encrypt",
"useOwnKey": true,
"useIV": true,
"algorithm": "AES",
"operationMode": "CBC",
"padding": "PKCS5Padding",
"failOnError": true,
"encryptedMessageAsHex": false,
"iVAsHex": false,
"encryptedFields": "data,data1"
}

Payload

{
"data": someData,
"data1": someData1
}

Output

{
"data": "RXZlbiBpZiBwZXJmZWN0IGNyeXB0b2dyYXBoaWMgcm91dGluZXMgYXJlIH=",
"data1": "RXZlbiBpZifd441mZWN0IGNyeXB0b2dyYXBoaWMgcm91dGluZXMgYXJlIH="
}

Input

{
"operation": "encrypt",
"useOwnKey": true,
"useIV": true,
"algorithm": "AES",
"operationMode": "CBC",
"padding": "PKCS5Padding",
"failOnError": true,
"encryptedMessageAsHex": false,
"iVAsHex": false,
"encryptedFields": "data,data1"
}

Payload

{
"encryptionKey": "-- THE FOLLOWING PUBLIC KEY--",
"data": "RXZlbiBpZiBwZXJmZWN0IGNyeXB0b2dyYXBoaWMgcm91dGluZXMgYXJlIH=",
"data1": "RXZlbiBpZifd441mZWN0IGNyeXB0b2dyYXBoaWMgcm91dGluZXMgYXJlIH="
}

Output

{
"ivParameterSpec": "RXZlbiBpZiBwZXJmZWN0IGNy==",
"data": someData,
"data1": someData1
}

KEY by REQUEST BODY - Operation ENCRYPT

Input

{
"operation": "encrypt",
"useOwnKey": true,
"useIV": true,
"algorithm": "AES",
"operationMode": "CBC",
"padding": "PKCS5Padding",
"failOnError": true,
"encryptedMessageAsHex": false,
"iVAsHex": false,
"encryptedFields": "data,data1"
}

Payload

{
"encryptionKey": "-- THE FOLLOWING PUBLIC KEY--"
"data": someData,
"data1": someData1
}

Output

{
"data": "RXZlbiBpZiBwZXJmZWN0IGNyeXB0b2dyYXBoaWMgcm91dGluZXMgYXJlIH=",
"data1": "RXZlbiBpZifd441mZWN0IGNyeXB0b2dyYXBoaWMgcm91dGluZXMgYXJlIH="
}

Input

{
"operation": "decrypt",
"useOwnKey": true,
"useIV": true,
"algorithm": "AES",
"operationMode": "CBC",
"padding": "PKCS5Padding",
"failOnError": true,
"encryptedMessageAsHex": false,
"iVAsHex": false,
"encryptedFields": "data,data1"
}

Payload

{
"ivParameterSpec": "RXZlbiBpZiBwZXJmZWN0IGNy==",
"encryptionKey": "-- THE FOLLOWING PRIVATE KEY--"
"data": "RXZlbiBpZiBwZXJmZWN0IGNyeXB0b2dyYXBoaWMgcm91dGluZXMgYXJlIH=",
"data1": "RXZlbiBpZifd441mZWN0IGNyeXB0b2dyYXBoaWMgcm91dGluZXMgYXJlIH="
}