The Encrypt Message policy helps in encrypting messages before sending them to the target endpoint or an API consumer. Encryption is done based on a key (user-defined) and an algorithm.
Configuration
The properties that have to be configured to use the policy are described below.
Figure 1: Encrypt Message Policy Configuration
Property | Description |
Encryption Algorithm | Select the algorithm to be used for encryption. The supported algorithms are DES, Base64, TripleDES, AES256, AES128, RC2-40, RC2-64, and RC2-128. |
Encryption Key | Specify the key which is used to encrypt the incoming data. Specify 32 digit key for AES256, 16 digit key for AES128, 16 digit key for DES, 24 digit key for TripleDES, 5 digit key for RC2_40, 8 digit key for RC2_64 and 16 digit key for RC2_128 |
Allow Padding to key | Enable this property to allow padding to the key to make the exact value to be required for the mentioned algorithm. It has to be chosen only when the encrypted data key is also padded. |
Initialization Vector | Mention the unique 64 bit input used in the encryption. |
Example
This example illustrates the encryption of Target Response message.
When Encrypt Message policy is not configured, the response for the request: http://192.168.2.39:1860/cc2/1.0/conversionrate?FromCurrency=INR&ToCurrency=USD
will be
{"Envelope": {"Body": {"ConversionRateResponse": {"ConversionRateResult": "0.0157"}}}} |
Create an Encrypt Message policy with the default configuration and add it to Target Response scope.
The response after this configuration is displayed below:
MZqQFfmEtEDE1kAHbej5ITDVwlHqw5Ip2A6my9bie3U6Im2QSvBGeVuZbiqIwjmuZx11pkNOTxldDN+PlGKfvQRADfMv4NXSV8kNYV1tmempKucyG2Gg4HYE4PdWmmiH |