Decryption
The Decryption component is used for decrypting data, based on a key (that is entered by the user) and an algorithm. To decrypt the data accurately, user must know the correct key and algorithm, using which the data has been encrypted.
The supported algorithms are DES, PGP, PGP_RFC4880, Base64, TripleDES, AES256, AES128, RC2-40, RC2-64, and RC2-128.
The Decryption component uses Cryptix as the Security provider. Hence you have to configure the JRE so that the JVM can pick up the Cryptix security provider.
Configuration
Interaction Configurations
The component has the following attributes which can be configured from its Configuration Property sheet. Figure 1 illustrates the panel with expert properties
Figure 1: Configurable properties for Decryption component
Decryption Configuration
Decryption Details consists Data Encryption Details and Verification Details.
Data Decryption Details
Figure 2: Decryption Algorithm Details
Decryption Algorithm Name
The supported algorithms that are available are DES, PGP, PGP_RFC4880, Base64, TripleDES, AES256, AES128, RC2-40, RC2-64, and RC2-128.
DES Encryption Algorithm Configuration
The following are the configurations of the individual algorithms:
For DES , the configuration panel is as shown in the Figure 2. Set the following fields accordingly.
- Encryption Key: Specify key which is used to encrypt the incoming data. Specify 32 digit key for AES256, 16 digit key for AES128, 16 digit key for DES, 24 digit key for TripleDES, 5 digit key for RC2_40, 8 digit key for RC2_64 and 16 digit key for RC2_128
- Allow Padding: Choose yes to allow padding to the key to make exactly the value required for the mentioned algorithm. It has to be chosen only when we know that encrypted data key is also padded.
AES256, AES192, AES128, TripleDES Encryption Algorithm configurations
Figure 3: AES256 , AES192 , AES128,TripleDES Encryption configuration
- Set the Encryption key and the Padding key details similar to the DES algorithm.
- Initialization Vector: Mention the unique 64 bit input used in the encryption.
RC2_40, RC2_64,RC2_128 Encription Algorithm Configurations
Figure 4: RC2_40, RC2_64,RC2_128 Algorithm Encryption
Provide the encryption in the same way as for the DES algorithm .
PGP Encryption Configuration
Figure 5: PGP, PGP_RFC4880 Algorithm Encryption
- Verify: Select this option to sign the message when the algorithm used is PGP.
- Public Key File: Specify public key file used in case of PGP Algorithm
- Private Key File: Specify private key file used in case of PGP Algorithm
- Passphrase: Required for signing in case of PGP algorithm.
RSA Encryption Configuration
Figure 6: RSA Algorithm Encryption
Key Source:There are four options under Key Source :
- Text : This requires the Encryption Key details
- Encryption Key : Specify the appropriate Encryption Key for the selected algorithm to be used to decrypt the incoming data..
- PublicKeyFile: The public Key File field has to be filled for this.
- Public Key File: Provide the file containing the public key.
- PrivateKeyFile: The Private Key Password and the Private Key File are the active fields under this.
- Private Key password: Provide the private key password.
- Private Key File: Provide the file containing the Private Key .
- Certificate: Certificate File is the active field when the key source is Certificate.
- Certificate File: provide the path of the X509 Certificate.
Digest Decryption Details
Figure 7: Digest type for verifying digested data can be provided as given above.
- VerifySigned Data: Select to verify only when you know that encrypted data has been signed.
- Digest Type: The supported algorithms for signing/digesting data are are MD5 and SHA-1.
- Decryption Algorithm Name: Specify the encryption details which are used to encrypt the signed data. It is done in the same way as shown in Data Encryption Details. Algorithm for data encryption and digest data encryption need not be same.
Decrytion Algorithm Name
Specify the encryption details which are used to encrypt the signed data. It is done in the same way as shown in Data Encryption Details. Algorithm for data encryption and digest data encryption need not be same.
The following Encryption Algorithms are available:
- DES
- AES256
- AES128
- AES192
- RC2_40
- RC2_64
- RC2_128
- TripleDES
- PGP
- Base64Encoding
- RSA
The individual configurations are similar to that of Data Encryption Details.
Binary Output Required
Click yes if Binary Output is needed. Else decrypted data will be in string format.
Binary Input Required
Click yes if input is Binary.
Read Input From File?
Choose this option to read input from a file instead of component input port.
Input File Directory
Directory where the input file is located.
Input File Name
Name of the input File.
Write output to File?
Select this option if output is to be written into a file.
Output File Directory
Directory where output file needs to be stored.
Output File Name
Name of the output file.
Decode Data
Decode Data before decrypting using Base64 scheme. This option has to be enabled if the encrypted data is encoded using Base64 scheme as in the case of Encryption component when the Binary Output is not selected and Encoded Data option is used.
Only Verify Signed Data
Check this option when the signed message need to be verified without decrypting the data.
Configure the Decryption component as described in Configuration and Testing section and use feeder and display component to send sample input and check the response respectively.
Figure 8: Sample input
Figure 9: Sample output
Functional Demonstration
Scenario 1
Encryption of data received from input.
Configure the Decryption component as described in Configuration and Testing section and use feeder and display component to send sample input and check the response respectively.
Figure 10: Demonstrating Scenario 1 with sample input and output
Use Case Scenario
In a bond trading scenario, request for quotes (RFQ) are sent in encrypted form to the appropriate exchanges and the received encrypted responses are decrypted at the user end
Figure 11: Bond Trading Scenario
The event process that demonstrates this scenario is bundled with the installer. Note encryption and decryption components may not be present.
Documentation of the scenario and instructions to run the flow can be found in the Help tab of the flow present in eStudio.