IMPORTANT: This documentation has been discontinued. Read the updated Asymmetric Cryptography documentation on our new documentation portal.

Asymmetric Cryptography encrypts and decrypts based on public and private keys.

Take a look at the configuration parameters of the component:

  • Account: account to be used by the component.

  • Crypto Operation: available operation types - ENCRYPT and DECRYPT.

  • Fields To Encrypt/Decrypt: fields to be encrypted/decrypted using a dotted notation (eg.: body.field1,body.field2,body).

  • Algorithm: algorithm to be used to encrypt/decrypt data.

  • Operation Mode: operation mode to be used.

  • Padding: is used in a block cipher where we fill up the blocks with padding bytes (eg.: AES 128 bits uses 16 padding bytes).

  • Fail On Error: if the option is enabled, the execution of the pipeline with error will be interrupted; otherwise, the pipeline execution proceeds, but the result will show a false value for the “success” property.

To encrypt, you must configure a PUBLIC KEY account or pass the property key via body with the respective key.

To decrypt, you must configure a PRIVATE KEY account or pass the property key via body with the respective key.

If the key isn't configured in the account, you must specify it in the request as the model below:

{
"encryptionKey": "-- THE FOLLOWING PUBLIC KEY--"
}

Asymmetric Cryptography in Action

KEY by ACCOUNT

Config

{
"operation": "encrypt",
"algorithm": "RSA",
"operationMode": "ECB",
"padding": "OAEPWithSHA1AndMGF1Padding",
"encryptedFields": "data,data1",
"failOnError": true
}

Payload

{
"data": someData,
"data1": someData1
}

Output

{
"data": "RXZlbiBpZiBwZXJmZWN0IGNyeXB0b2dyYXBoaWMgcm91dGluZXMgYXJlIH=",
"data1": "RXZlbiBpZifd441mZWN0IGNyeXB0b2dyYXBoaWMgcm91dGluZXMgYXJlIH="
}

Config

{
"operation": "decrypt",
"algorithm": "RSA",
"operationMode": "ECB",
"padding": "OAEPWithSHA1AndMGF1Padding",
"encryptedFields": "data,data1",
"failOnError": true
}

Payload

{
"data": "RXZlbiBpZiBwZXJmZWN0IGNyeXB0b2dyYXBoaWMgcm91dGluZXMgYXJlIH=",
"data1": "RXZlbiBpZifd441mZWN0IGNyeXB0b2dyYXBoaWMgcm91dGluZXMgYXJlIH="
}

Output

{
"data": someData,
"data1": someData1
}

KEY by REQUEST BODY

Config

{
"operation": "encrypt",
"algorithm": "RSA",
"operationMode": "ECB",
"padding": "OAEPWithSHA1AndMGF1Padding",
"encryptedFields": "data,data1",
"failOnError": true
}

Payload

{
"encryptionKey": "-- THE FOLLOWING PUBLIC KEY--"
"data": someData,
"data1": someData1
}

Output

{
"data": "RXZlbiBpZiBwZXJmZWN0IGNyeXB0b2dyYXBoaWMgcm91dGluZXMgYXJlIH=",
"data1": "RXZlbiBpZifd441mZWN0IGNyeXB0b2dyYXBoaWMgcm91dGluZXMgYXJlIH="
}

Config

{
"operation": "decrypt",
"algorithm": "RSA",
"operationMode": "ECB",
"padding": "OAEPWithSHA1AndMGF1Padding",
"encryptedFields": "data,data1",
"failOnError": true
}

Payload

{
"encryptionKey": "-- THE FOLLOWING PRIVATE KEY--"
"data": "RXZlbiBpZiBwZXJmZWN0IGNyeXB0b2dyYXBoaWMgcm91dGluZXMgYXJlIH=",
"data1": "RXZlbiBpZifd441mZWN0IGNyeXB0b2dyYXBoaWMgcm91dGluZXMgYXJlIH="
}

Did this answer your question?