IMPORTANT: This documentation has been discontinued. Read the updated PBE Cryptography documentation on our new documentation portal.
PBE Cryptography makes encryption and decryption operations using PBE algorithm (Password Based Encryption).
Take a look at the configuration parameters of the component:
Crypto Operation: available operation types - ENCRYPT FIELDS, DECRYPT FIELDS, ENCRYPT PAYLOAD and DECRYPT PAYLOAD.
Account: account to be used by the component - a SECRET-KEY type account is expected.
Iteration Count: number of iterations with Salt.
Algorithm: algorithm type to be used.
Fields To Encrypt/Decrypt: fields to be encrypted/decrypted using a dotted notation (eg.: body.field1,body.field2,body).
Charset: encoding type.
Secret Key Type: secret key format (String, Hexadecimal or Base64).
Fail On Error: if the option is activated, the pipeline with error execution will be suspended; otherwise, the pipeline execution continues, but the result will show a false value for the success property.
Advanced Settings: advanced configurations.
Use Key From Payload: if activated, the option will use the payload secret key.
Secret Key: key in Hex or Base64 format.
Use Salt From Payload: if activated, the option will use the payload Salt; otherwise, a new Salt will be generated.
Salt: random data string used to change a password hash.
Encryption Key As Hex Value: if the option is activated, the secret key response will be in hexadecimal; otherwise, it will be in Base64 if the "Use Key From Payload" option is also activated.
Salt As Hex Value: if the option is activated, the secret key response will be in hexadecimal; otherwise, it will be in Base64.
Encrypted Message As Hex: if the option is activated, the secret key response will be in hexadecimal; otherwise, it will be in Base64.
Messages flow
Encrypt via fields
Input
{
"accountLabel": "account",
"params": {
"operation": "encrypt_fields",
"iterationCount": 1000,
"keyType": "STRING",
"algorithm": "PBEWithMD5AndDES",
"encryptedFields": "a.test",
"failOnError": true
}
}
Payload
{
"a": {
"test": "test"
}
}
Output
{
"a": {
"test": "ZmRmcw=="
},
"_salt": "ZmRmcwZmRmcw=="
}
Decrypt via fields
Input
{
"accountLabel": "account",
"params": {
"operation": "decrypt_fields",
"iterationCount": 1000,
"keyType": "STRING",
"algorithm": "PBEWithMD5AndDES",
"encryptedFields": "a.test",
"useSaltFromPayload": true,
"salt": "{{ message._salt }}",
"failOnError": true
}
}
Payload
{
"a": {
"test": "ZmRmcw=="
},
"_salt": "ZmRmcwZmRmcw=="
}
Output
{
"a": {
"test": "test"
},
"_salt": "ZmRmcwZmRmcw=="
}
Encrypt via payload
Input
{
"accountLabel": "pbe",
"params": {
"operation": "encrypt_payload",
"iterationCount": 1000,
"payload": "{{ message.a.test }}",
"keyType": "STRING",
"algorithm": "PBEWithMD5AndDES",
"failOnError": true
}
}
Payload
{
"a": {
"test": "test"
}
}
Output
{
"a": {
"test": "test"
},
"result": "ZmRmcw==",
"_salt": "ZmRmcwZmRmcw=="
}
Decrypt via payload
Input
{
"accountLabel": "pbe",
"params": {
"operation": "decrypt_payload",
"iterationCount": 1000,
"payload": "{{ message.a.test }}",
"keyType": "STRING",
"algorithm": "PBEWithMD5AndDES",
"useSaltFromPayload": true,
"salt": "{{ message._salt }}",
"failOnError": true
}
}
Payload
{
"a": {
"test": "ZmRmcw=="
}
}
Output
{
"a": {
"test": "ZmRmcw=="
},
"result": "test",
"_salt": "ZmRmcwZmRmcw=="
}