Encryption Details consists consist of Data Encryption Information and Signing Information.
For DES, the configuration panel is as shown in the Figure 2. Set the following fields accordingly.
- Encryption Key: Specify key which is used to encrypt the incoming data. Specify 32 digit key for AES256, 16 digit key for AES128, 16 digit key for DES, 24 digit key for TripleDES, 5 digit key for RC2_40, 8 digit key for RC2_64 and 16 digit key for RC2_128
- Allow Padding to key: Enable this property to allow padding to the key to make exactly the value required for the mentioned algorithm. It has to be chosen only when the encrypted data key is also padded.
- Transformation: <> Transformation always includes the name of a cryptographic algorithm (e.g., AES), and may be followed by a feedback mode and padding scheme.
AES256, AES192, AES128, TripleDES Encryption Algorithm
Set the Encryption key and the Padding key details similar to the DES algorithm.
- Key Encoded Format: <>Specify appropriate encoding format for the key. Examples: (UTF-8), (ISO-8859-1).
- Key Conversion Type: <>
- Base64: <>
- Hex: <>
None: Select if the Encryption key is simple string.
Base64: Select if the Encryption key is Base64 Encoded.
Hex: Select if the Encryption key is Hexadecimal Encoded.
Allow padding to key: Enable this property to allow padding to the key to make exactly the value required for the mentioned algorithm. It has to be chosen only when the encrypted data key is also padded.
This button will be disabled in case of Base64 and Hex.
- InitializationVector: Mention the unique 64 bit input used in the encryption.
Figure 4: RC2_40, RC2_64,RC2_128 Algorithm Encription Encryption
Provide the encryption in the same way as for the DES algorithm.
- Sign: Select this option to sign the message when the algorithm used is "PGP".
- Public Key File: Specify public key file used in case of PGP Algorithm
- Private Key File: Specify private key file used in case of PGP Algorithm
- Passphrase: Required for signing in case of a PGP algorithm.
RSA Encryption Configuration
- Text: This requires the Encryption Key details
- Encryption Key: Specify Specify the appropriate Encryption Key for the selected algorithm to be used to decrypt the incoming data..
- PublicKeyFile: The public Key File field has to be filled for this.
- Public Key File: Provide the file containing the public key.
- PrivateKeyFile: The Private Key Password and the Private Key File are the active fields under this.
- Private Key password: Provide the private key password.
- Private Key File: Provide the file containing the Private Key
- Certificate: Certificate File is the active field when the key source is Certificate.
- Certificate File: provide the path of the X509 Certificate.
- SignData: Select to verify only when you know that encrypted data has been signed.
- DigestType: The supported algorithms for signing/digesting data are are MD5, SHA-1, SHA-256, SHA-384, and SHA-512.
Encryption Algorithm Name
Specify the encryption details which are used to encrypt the signed data. It is done in the same way as shown in Data Encryption Details. Algorithm The algorithm for data encryption and digest data encryption need not be the same.
The following Encryption Algorithms are available:
Encode Data after encrypting using the Base64 encoding scheme, This option will help in avoiding characters of encrypted data included in the output XML generated if the Binary Output option is not selected.
Check this option if the data has to be only signed without Encrypting.
Input to Encryption component can be in XML format. The XML format is shown in Figure 4. The values of Encryption Algorithm Parameters and Digest Parameters can be mentioned or else these values are taken from cps.
For more details, refer to the respective section under in respective section under the Common Configurations page.
Encryption of data received from the input.
Configure the Encryption component as described in the Configuration and Testing section and section and use the feeder and display component to send sample input and check the response respectively.
Figure 14: Sample Output in xmlXML format
In a bond trading scenario, request for quotes (RFQ) are is sent in encrypted form to the appropriate exchanges and the received encrypted responses are decrypted at the user end.