Encrypt
This API encrypts data using key specified by name.
URL
<http/https>://<host-name>:<Port>/protectappws/services/rest/encrypt
Input Parameters
Parameters | Description |
---|---|
username | User name. |
password | Password associated with the user. |
keyname | Name of the key to be used for encryption. |
plaintext | ASCII text to be encrypted, or hex if binary encryption is desired. |
keyiv | Optional/blank. If blank, use the key’s default IV, else, specify in Hex characters. The number of Hex character must be specific to the transformation used. |
transformation | Transformation to be used. For example: AES/ ECIES/CBC/PKCS5Padding. For more information on supported ECIES transformations, refer to the CipherTrust Application Data Protection for Java User Guide. The ARIA and SEED algorithms are not supported by CADP for Java WebServices. |
certAlias | Client certificate alias for making SSL connections (optional). |
certPass | Password for the provided certificate alias (optional). |
Sample REST call for cxf
request
{
"Encrypt": {
"username": "cryptouser",
"password": "safenet123",
"keyname": "testKey",
"keyiv": "12345678123456781234567812345678",
"transformation": "AES/CBC/PKCS5Padding",
"plaintext": "hello"
}
}
response
{
"EncryptResponse": {
"cipherText": "100010C9CE1F70A6663BF3B9A2F62CD852F437"
}
}
Sample SOAP Parameters
<prot:Encrypt>
<username>cryptouser</username>
<password>qwerty1234</password>
<keyname>aes256vt</keyname>
<plaintext>0000111122223333</plaintext>
<!--Optional:-->
<keyiv></keyiv>
<!--Optional:-->
<transformation>AES/CBC/PKCS5Padding</transformation>
</prot:Encrypt>
Output
Encrypted data in Hex.
<ns1:EncryptResponse xmlns:ns1="http://dsws.org/protectappws/">70C49C826D60E8564EDD51E8BF276C0FFF79D25420251D740D14C3919EC6663D</ns1:EncryptResponse>
Note
In almost all cases the keyiv and transformation should not be specified: It is a useful practice to utilize the Key Manager appliances capability to store the IV for the application and AES/CBC/PKCS5Padding – the default - is the most recommended cipher block mode.