Encrypt
This API encrypts data using key specified by name.
URL
<http/https>://<host-name>:<Port>/protectappws/services/rest/encrypt
Input Parameters
| Parameters | Description |
|---|---|
| username | User name. |
| password | Password associated with the user. |
| keyname | Name of the key to be used for encryption. |
| plaintext | ASCII text to be encrypted, or hex if binary encryption is desired. |
| keyiv | Optional/blank. If blank, use the key’s default IV, else, specify in Hex characters. The number of Hex character must be specific to the transformation used. |
| transformation | Transformation to be used. For example: AES/ ECIES/CBC/PKCS5Padding. For more information on supported ECIES transformations, refer to the CipherTrust Application Data Protection for Java User Guide. |
| certAlias | Client certificate alias for making SSL connections (optional). |
| certPass | Password for the provided certificate alias (optional). |
Sample REST call for cxf
request
{
"Encrypt": {
"username": "cryptouser",
"password": "safenet123",
"keyname": "testKey",
"keyiv": "12345678123456781234567812345678",
"transformation": "AES/CBC/PKCS5Padding",
"plaintext": "hello"
}
}
response
{
"EncryptResponse": {
"cipherText": "100010C9CE1F70A6663BF3B9A2F62CD852F437"
}
}
Sample SOAP Parameters
<prot:Encrypt>
<username>cryptouser</username>
<password>qwerty1234</password>
<keyname>aes256vt</keyname>
<plaintext>0000111122223333</plaintext>
<!--Optional:-->
<keyiv></keyiv>
<!--Optional:-->
<transformation>AES/CBC/PKCS5Padding</transformation>
</prot:Encrypt>
Output
Encrypted data in Hex.
<ns1:EncryptResponse xmlns:ns1="http://dsws.org/protectappws/">70C49C826D60E8564EDD51E8BF276C0FFF79D25420251D740D14C3919EC6663D</ns1:EncryptResponse>
Note
In almost all cases the keyiv and transformation should not be specified: It is a useful practice to utilize the Key Manager appliances capability to store the IV for the application and AES/CBC/PKCS5Padding – the default - is the most recommended cipher block mode.
