cancel
Showing results for 
Search instead for 
Did you mean: 

Encrypt and decrypt of Field

Ajay_Chawda
Contributor

Hello Experts,
i’m trying to encrypt one of the field of csv file using Encrypt Field snap.
i have selected transform type as auto and selected account of Passphrase-based Key type.

As a result of encrypt field snap ,field got encrypted.
in next snap i’m mapping encrypted field(column.ciphertext) and other columns and writing data to file.

image

In second pipeline reading encrypted file and trying to decrypt using same Passphrase-based Key based account.

image

but encrypted field is not getting decrypted .

Attaching pipeline for reference .

decFIle_2021_07_28.slp (10.8 KB)
Encrypt file_2021_07_28.slp (10.8 KB)

Regards,
Ajay

13 REPLIES 13

RogerSramkoski
Employee
Employee

I think the issue is with the mapping of $Amount.ciphertext to $AmountType (in order to map that, the “Encapsulate output” option of the Encrypt Field snap needs to be unchecked). I built a test pipeline that looks like this:

image

The JSON Generator has simple JSON like this:
[{"msg":"Hello world!"}]

Similar to your setup I used a Passphrase-based Key account type with a simple passphrase.

image

Here is the Encrypt Field snap:

image

Here is the Decrypt Field snap:

image

After validating the pipeline here is the Encrypt Field output:

[
    {
        "msg": {
            "transformation": "AES/GCM/NoPadding",
            "iv": "yjvD0qXH0MuwVqKhaDnZbg==",
            "type": "STRING",
            "ciphertext": "6aJAEWHFctinn8pZUPPLsG+E1OsMH49gEy08xQ==",
            "key_params": {
                "passphrase": {
                    "key_gen_iterations": 10000,
                    "key_gen_algorithm": "PBKDF2WithHmacSHA1",
                    "key_algorithm": "AES",
                    "key_salt": "NB8NMQyEqeItdu0tyn8XTga+udA=",
                    "key_size": 128
                }
            }
        }
    }
]

If there is no Mapper snap between the Encrypt Field and Decrypt Field it works just fine, however, if you add a Mapper after validation you can see the Decrypt Field Snap is expecting more information than just the cipher text (look at the target schema on the right):

image

Ajay_Chawda
Contributor

HI @rsramkoski ,
Thank you for reply.
So for decypt snap what are the other fields we need to pass?
we are planning to store only ciphertext filed from encrypted snap.

Regards,
Ajay

RogerSramkoski
Employee
Employee

Hello @Ajay_Chawda, you’re welcome. You can view the required fields in the Target Schema section on the right-hand side of the Mapper screenshot.

image

peter
New Contributor III

When I tried this I got a string output from the encrypt snap.

Could you post the pipeline?