IMPORTANT: This documentation has been discontinued. Read the updated Symmetric Cryptography documentation on our new documentation portal.

Symmetric Cryptography encrypts and decrypts based on symmetric cryptography.

Take a look at the configuration parameters of the component:

  • Crypto Operation: available operation types - ENCRYPT and DECRYPT.

  • Account: account to be used by the component.

  • Fields To Encrypt/Decrypt: fields to be encrypted/decrypted using a dotted notation (eg.: body.field1,body.field2,body).

  • Algorithm: algorithm to be used to encrypt/decrypt data.

  • Algorithm Key Size: size of the algorithm key.

  • Operation Mode: operation mode to be used.

  • Padding: is used in a block cipher where we fill up the blocks with padding bytes (eg.: AES 128 bits uses 16 padding bytes).

  • Fail On Error: if the option is enabled, the execution of the pipeline with error will be interrupted; otherwise, the pipeline execution proceeds, but the result will show a false value for the “success” property.

  • Advanced Settings: advanced configurations.

  • Use IV: if selected, the option determines the IV (initialization vector) for the CBC mode.

  • Use Your Own Key: if selected, the option will use your own key generated to encrypt and decrypt data.

  • Encryption Key As Hex Value: if selected, the option expects/produces an Encryption Key as Hex; otherwise, it will be expected/produced as base64.

  • Concatenate IV: an encrypted message is expected/produced with Concatenate IV (IV+MESSAGE); otherwise, a IV parameter will be produced during the encryption and IV in IV will be expected in the "Decryption" field.

  • Encrypted Message As Hex: if selected, the option expects/produces an encrypted message in Hex format; otherwise, it will be expected/produced as base64.

IMPORTANT: if you want to use your own key by account, it will be necessary to set a SECRET-KEY account or pass the respective property. You can specify it with a request, as the model below:

{
"encryptionKey": "-- THE FOLLOWING KEY--"
}

Messages flow

  • KEY by ACCOUNT

Operation ENCRYPT

Input

{
"operation": "encrypt",
"useOwnKey": true,
"useIV": true,
"algorithm": "AES",
"operationMode": "CBC",
"padding": "PKCS5Padding",
"failOnError": true,
"encryptedMessageAsHex": false,
"iVAsHex": false,
"encryptedFields": "data,data1"
}

Payload

{
"data": someData,
"data1": someData1
}

Output

{
"data": "RXZlbiBpZiBwZXJmZWN0IGNyeXB0b2dyYXBoaWMgcm91dGluZXMgYXJlIH=",
"data1": "RXZlbiBpZifd441mZWN0IGNyeXB0b2dyYXBoaWMgcm91dGluZXMgYXJlIH="
}

Input

{
"operation": "encrypt",
"useOwnKey": true,
"useIV": true,
"algorithm": "AES",
"operationMode": "CBC",
"padding": "PKCS5Padding",
"failOnError": true,
"encryptedMessageAsHex": false,
"iVAsHex": false,
"encryptedFields": "data,data1"
}

Payload

{
"encryptionKey": "-- THE FOLLOWING PUBLIC KEY--",
"data": "RXZlbiBpZiBwZXJmZWN0IGNyeXB0b2dyYXBoaWMgcm91dGluZXMgYXJlIH=",
"data1": "RXZlbiBpZifd441mZWN0IGNyeXB0b2dyYXBoaWMgcm91dGluZXMgYXJlIH="
}

Output

{
"ivParameterSpec": "RXZlbiBpZiBwZXJmZWN0IGNy==",
"data": someData,
"data1": someData1
}

  • KEY by REQUEST BODY

Operation ENCRYPT

Input

{
"operation": "encrypt",
"useOwnKey": true,
"useIV": true,
"algorithm": "AES",
"operationMode": "CBC",
"padding": "PKCS5Padding",
"failOnError": true,
"encryptedMessageAsHex": false,
"iVAsHex": false,
"encryptedFields": "data,data1"
}

Payload

{
"encryptionKey": "-- THE FOLLOWING PUBLIC KEY--"
"data": someData,
"data1": someData1
}

Output

{
"data": "RXZlbiBpZiBwZXJmZWN0IGNyeXB0b2dyYXBoaWMgcm91dGluZXMgYXJlIH=",
"data1": "RXZlbiBpZifd441mZWN0IGNyeXB0b2dyYXBoaWMgcm91dGluZXMgYXJlIH="
}

Input

{
"operation": "decrypt",
"useOwnKey": true,
"useIV": true,
"algorithm": "AES",
"operationMode": "CBC",
"padding": "PKCS5Padding",
"failOnError": true,
"encryptedMessageAsHex": false,
"iVAsHex": false,
"encryptedFields": "data,data1"
}

Payload

{
"ivParameterSpec": "RXZlbiBpZiBwZXJmZWN0IGNy==",
"encryptionKey": "-- THE FOLLOWING PRIVATE KEY--"
"data": "RXZlbiBpZiBwZXJmZWN0IGNyeXB0b2dyYXBoaWMgcm91dGluZXMgYXJlIH=",
"data1": "RXZlbiBpZifd441mZWN0IGNyeXB0b2dyYXBoaWMgcm91dGluZXMgYXJlIH="

}
Did this answer your question?