Skip to content

Configuring encryption

Jump to bottom
Artem Kovalev edited this page May 25, 2017 · 4 revisions

InfoArchive has support for encryption. In order to work with encryption, you should add some extra parameters to the configuration. Below there are all parameters related with encryption and their possible values that separated by '/'.

  • First of all, it is necessary to create a crypto object:

ia.crypto.object.name = MyCryptoObject (You can choose your own name for crypto object)
ia.crypto.object.security.provider = Bouncy Castle / SunJCE / Gemalto
ia.crypto.object.key.size = 128 / 192 / 256
ia.crypto.object.in.use = true (It's true by default, but you can anyway mention that is's true or turn it to false or not even specify)
ia.crypto.object.encryption.mode = ECB / CBC / PCBC / CTR / CTS / CFB / CFB8 / CFB16 / CFB32 / CFB64 / CFB128 / OFB / OFB8 / OFB16 / OFB32 / OFB64 / OFB128 (Use these modes if provider is SunJCE)
                                   ECB / CBC (Use these modes if provider is Gemalto)
                                   CBC / CFB / CCM / GCM / GCF / EAX / OCB / OFB / SIC / OpenPGPCG / GOFB (Use these modes if provider is Bouncy Castle)
ia.crypto.object.padding.scheme = NOPADDING / PKCS5PADDING / ISO10126PADDING (Use these schemes if provider is SunJCE)
                                  NOPADDING / PKCS5PADDING (Use these schemes if provider is Gemalto)
                                  ISO10126d2Padding / PKCS7Padding / X932Padding / ISO7816d4Padding / ZeroBytePadding (Use these schemes if provider is Bouncy Castle)
ia.crypto.object.encryption.algorithm = AES (Actually only one encryption algorithm is supported)

  • Then you need to create a crypto for PDI:

ia.pdi.crypto.name = MyPdiCrypto (You can choose your own name for pdi crypto)

  • And finally, create crypto for holding:

ia.holding.crypto.name = MyHoldingCrypto (You can choose your own name for holding crypto)
ia.holding.crypto.encoding = base64 (It's 'base64' by default, but you can anyway mention your variant of encoding)
ia.holding.crypto.enabled = true (It's true by default, but you can anyway mention that is's true or turn it to false or not even specify)

  • Complete example:

ia.crypto.object.name = MyCryptoObject
ia.crypto.object.security.provider = Bouncy Castle
ia.crypto.object.key.size = 256
ia.crypto.object.in.use = true
ia.crypto.object.encryption.mode = CBC
ia.crypto.object.padding.scheme = PKCS5PADDING
ia.crypto.object.encryption.algorithm = AES

ia.pdi.crypto.name = MyPdiCrypto

ia.holding.crypto.name = MyHoldingCrypto
ia.holding.crypto.encoding = base64
ia.holding.crypto.enabled = true
Clone this wiki locally