Encryption Functions

Overview

Allows for the encryption and decryption of text data using symmetric AES encryption. This plug-in uses standard Java cryptography functions to expose expression functions for the encryption and decryption of data using AES.

Key Features & Functionality

Functions:

encryptvalue(): Encrypt plain text data using an AES encryption key stored in the Secure Credentials Store
decryptvalue(): Decrypt encrypted text data using an AES encryption key stored in the Secure Credentials Store

Features:

Supports up to 256-bit AES keys when JCE Unlimited Strength Jurisdiction Policy is enabled
Backwards compatible with older versions of Java lacking support for >128-bit encryption keys

Jussi Lundstedt over 5 years ago in reply to Vinod Tate

Hello Vinod - Can you please clarify your question? I am not sure whether you are referring to the length of the encryption keys, or the length of the encrypted values.

The length of the encrypted values is not restricted and depends on the length of the cleartext value that is being encrypted. The length of the encryption keys is not limited per se, but the plugin will only use the first 256 bits (64 characters) of the provided key.
- Cancel
- Up 0 Down
- Reply
- More
- Cancel
Jussi Lundstedt over 5 years ago in reply to sagarc0001

Hi Sagar - the plugin will never use the encryption key used by the Appian Encrypted Text Field. If an external system key is not passed, the plugin will try to use the external system key "encryptdecryptkey". In any case, you will have to configure the AES encryption key in the Secure Credentials Store before using the plugin.
- Cancel
- Up 0 Down
- Reply
- More
- Cancel
Jussi Lundstedt over 5 years ago in reply to jasmins0001

For security reasons it is not recommended to store or handle encryption keys as plain text. If you wish to implement something like unique keys, I would recommend extending the plugin to query the KMS of your choice and use the key strictly within the plugin. The source code comes with the plugin, so you can extend the plugin fairly easily to meet your exact use case.
- Cancel
- Up 0 Down
- Reply
- More
- Cancel
Vinod Tate over 5 years ago

Hello Jussi, how long encrypted key can be generated? in my case it is key generating more than 300 sometime 400/500. Can this be restricted?
- Cancel
- Up 0 Down
- Reply
- More
- Cancel
sagarc0001 over 5 years ago

Hi Jussi ,

While trying to use the encryptvalue function without any external system key , getting an error which says 'This plug-in [com.appiansolutionengineering.encryption] is not registered to access secured values for the given external system key [encryptdecryptkey]'

If i understand correctly , to encrypt a value with the Appian key (which is being used by the a!encryptedTextField) i have to pass this the external system key blank .

Could you please help to understand if this plugin is correct for this implementation .
- Cancel
- Up 0 Down
- Reply
- More
- Cancel
jasmins0001 over 5 years ago

Hello Jussi!! Can we get any another version of this plugin which will accept AES encryption Key as simple text as input instead of passing external system key which is stored at secured credential store?
- Cancel
- Up 0 Down
- Reply
- More
- Cancel
jasmins0001 over 5 years ago in reply to Jussi Lundstedt

Thanks Jussi !!
- Cancel
- Up 0 Down
- Reply
- More
- Cancel
Jussi Lundstedt over 5 years ago in reply to jasmins0001

Hello Jasmin! Yes - this plugin uses AES/CBC/PKCS5Padding for encryption.
- Cancel
- Up 0 Down
- Reply
- More
- Cancel
jasmins0001 over 5 years ago

Does this plugin supports support AES/CBC/PKCS5Padding cipher as well? can you please confirm.
- Cancel
- Up 0 Down
- Reply
- More
- Cancel