RSA Cryptography
Discover more about the RSA Cryptography connector and how to use it on the Digibee Integration Platform.
The RSA Cryptography connector encrypts and decrypts based on the RSA algorithm.
Parameters
Take a look at the configuration parameters of the connector. Parameters supported by Double Braces expressions are marked with (DB).
General tab
Account
Account to be used by the connector.
N/A
String
Crypto Operation
Available operation types - Encrypt Fields, Decrypt Fields, Encrypt Payload, Decrypt Payload, Unwrap Key, and Wrap Key.
Encrypt Fields
String
Fields To Encrypt/Decrypt
Fields to be encrypted/decrypted using a dotted notation (e.g., body.field1, body.field2, body).
a.test
String
Payload To Encrypt/Decrypt
Payload to be encrypted/decrypted using dotted notation.
N/A
String
Secret Key
Secret Key to be wrapped/unwrapped using dotted notation.
N/A
String
Operation Mode
Operation mode to be used.
ECB
String
Padding
Used in a block cipher where we fill up the blocks with padding bytes (e.g., AES 128 bits uses 16 padding bytes).
OAEPWithSHA-512AndMGF1Padding
String
Charset
Charset of the provided key of type string.
UTF-8
String
Encrypted Message As Hexa
If the option is activated, the secret key response will be in hexadecimal; otherwise, it will be in base64.
False
Boolean
Fail On Error
If the option is enabled, the execution of the pipeline with an error will be interrupted; otherwise, the pipeline execution proceeds, but the result will show a false value for the "success" property.
False
Boolean
Documentation tab
Documentation
Section for documenting any necessary information about the connector configuration and business rules.
N/A
String
To encrypt or wrap, you must configure a Public Key account. Encrypt operations also support the property key via body with the respective key.
To decrypt or unwrap, you must configure a Private Key account.
Parameters additional information
Wrap and Unwrap Key
Wrap and unwrap operations differ slightly from encrypt and decrypt operations. When you wrap a key, you not only encrypt it but also add integrity protection to ensure the key remains untampered. Similarly, when you unwrap a key, you decrypt it while simultaneously validating its integrity.
In the RSA Cryptography connector, these operations are designed to securely encapsulate a session (or secret) key for transfer through other Digibee connectors, ensuring both confidentiality and integrity.
Since these are experimental features, only one specific configuration is currently supported.
For Wrap Key Crypto Operation
In the Account field, you must select a public key from an RSA 2048-bit key pair.
In the Secret Key field, you must specify a 256-bit AES key from the input payload. Use dotted notation to reference the respective key field.
Values will be encrypted in hexadecimal format.
The RSA wrapping operation will be performed with the following parameters:
Operation Mode: ECB
Padding Scheme: OAEPWithSHA-256AndMGF1Padding
For Unwrap Key Crypto Operation
In the Account field, you must select a private key from an RSA 2048-bit key pair.
In the Secret Key field, you must specify a 256-bit AES key from the input payload. Use dotted notation to reference the respective key field.
Values will be encrypted in hexadecimal format.
The RSA unwrapping operation will be performed with the following parameters:
Operation Mode: ECB
Padding Scheme: OAEPWithSHA-256AndMGF1Padding
Messages flow
Operation: Encrypt Fields
Input
{
"operation": "encrypt_fields",
"operationMode": "ECB",
"padding": "OAEPWithSHA1AndMGF1Padding",
"encryptedFields": "data,data1",
"failOnError": true,
"key": "PoeK/VBTcUyRHFkmWYjckbhsRLnZur6S83lKZ78V51EL3KlDNnPJZkdz+m7joRfOxFuEqU=" // Inform the Key parameter if the Account is not configured
}Payload
{
"data": someData,
"data1": someData1
}Output
{
"data": "RXZlbiBpZiBwZXJmZWN0IGNyeXB0b2dyYXBoaWMgcm91dGluZXMgYXJlIH=",
"data1": "RXZlbiBpZifd441mZWN0IGNyeXB0b2dyYXBoaWMgcm91dGluZXMgYXJlIH="
}Operation: Decrypt Fields
Input
{
"operation": "decrypt_fields",
"operationMode": "ECB",
"padding": "OAEPWithSHA1AndMGF1Padding",
"encryptedFields": "data,data1",
"failOnError": true
}Payload
{
"data": "RXZlbiBpZiBwZXJmZWN0IGNyeXB0b2dyYXBoaWMgcm91dGluZXMgYXJlIH=",
"data1": "RXZlbiBpZifd441mZWN0IGNyeXB0b2dyYXBoaWMgcm91dGluZXMgYXJlIH="
}Output
{
"data": someData,
"data1": someData1
}Operation: Wrap Key
Payload
{
"encryptedData": {
"key": "D379C385D6234349046ABCFD42160E5B461E852A63F53B8FDA3B6ED044332E34"
}
}Output
{
"encryptedData": {
"key": "1e9fbbe9f77020cd05318d71ae242c68ab62981cc40b0e88c42ad89bb24807e46c6589edbb81bc7271c3824d60c2fa754651325eb2510a7cd82125f4ca9356b0b48d2dea8e8348f68173eabecb096a4c41a4a852ec2fb7cd9b0381d080e9d1e09a0bb614d3bbf550e52fe4583a5fdd47623e13256c69ee434b6c44d2e90de89804f0e0ff1c83f25adeef9ae89e657b79d8270511b9be5ce56a8955b2c8c5356c9639e6556c12c208a58e2d30e554a51d3a45317de54ab7380482f2d9f6d70c0223594b39c1c2f6f1d28301cb128167946082085c6dbf89825b6fc41929380305d4a5009d85c97d3d08f9672e66e71188b02eb23dffcb40271f1bb7b4d2f4fd5b"
}
}Operation: Unwrap Key
Payload
{
"encryptedData": {
"key": "1e9fbbe9f77020cd05318d71ae242c68ab62981cc40b0e88c42ad89bb24807e46c6589edbb81bc7271c3824d60c2fa754651325eb2510a7cd82125f4ca9356b0b48d2dea8e8348f68173eabecb096a4c41a4a852ec2fb7cd9b0381d080e9d1e09a0bb614d3bbf550e52fe4583a5fdd47623e13256c69ee434b6c44d2e90de89804f0e0ff1c83f25adeef9ae89e657b79d8270511b9be5ce56a8955b2c8c5356c9639e6556c12c208a58e2d30e554a51d3a45317de54ab7380482f2d9f6d70c0223594b39c1c2f6f1d28301cb128167946082085c6dbf89825b6fc41929380305d4a5009d85c97d3d08f9672e66e71188b02eb23dffcb40271f1bb7b4d2f4fd5b"
}
}Output
{
"encryptedData": {
"key": "D379C385D6234349046ABCFD42160E5B461E852A63F53B8FDA3B6ED044332E34"
}
}Was this helpful?