Crypto Step
Overview
Crypto step is used to encrypt and decrypt strings using AES-256-gcm algorithm. Useful when user needs to pass sensitive data in urls.
caution
Use caution when you expose API that use crypto step. Decrypted data should not be returned by API.
Configuration
Moderequired - (Encrypt and Decrypt) Defines what action step should executeEncryption Keyrequired - 32 characters long string that is used for secure string encryption (* *Warning! ensure this string is kept safe and is not exposed**)Input and Output Formatrequired - (HEX, Base64 or Base64 URL safe) determines the format of encrypted dataTarget Pathrequired - Defines the path in which to store the result of step executionInput or output is single encrypted stringrequired - Flag that determines if output from encryption should be a single string or object that has encrypted text, iv and tag. Also determines the same for input in decrypt mode.Sensitive Datarequired in encrypt mode - A string or array of strings that need to be encryptedEncrypted Stringrequired in decrypt mode if input data is encrypted string - A string or array of strings that need to be decryptedprocessDataAsArrayrequired - KeyEncrypted Textrequired - An encrypted string that needs to be decryptedIVrequired - An encrypted string that contains the IV used to encrypt encrypted textTagrequired - An encrypted string that contains the Tag generated after string encryption
Example
Example encrypt Flow
tags: []
sampleInputSchema: ""
sampleData:
input:
- userName: Jeffery
email: parkerwilliam@hoover.com
policyId: PL-5514
- userName: Nicholas
email: vdiaz@gmail.com
policyId: PL-2690
- userName: Dawn
email: jmolina@hotmail.com
policyId: PL-8287
- userName: Peter
email: cory08@avery.com
policyId: PL-3963
- userName: Jeff
email: xnorton@hotmail.com
policyId: PL-9792
description: ""
baseFlow: null
steps:
- name: Create an array of strings with policy id's
description: ""
config:
maps:
- jsonata: input.policyId
targetPath: encryptableData
stepType: jsonata
condition: ""
- name: Encrypt policy id's
description: ""
config:
mode: encrypt
outputFormat: base64url
processDataAsArray: true
isSingleString: true
encryptionKey: fgtjvnwerx4ty67ihj2wsacn56usr6yu
sensitiveData: "{{encryptableData}}"
iv: rtghcvbderfg5tgh
targetPath: encryptedData
stepType: crypto
condition: ""
- name: map encrypted Id's to corresponding policy objects
description: ""
config:
maps:
- jsonata: |-
$map(input, function($v, $i, $a) {
$merge([$v, { "encryptedpolicyId": encryptedData[$i] }])
})
targetPath: result
stepType: jsonata
condition: ""
disabled: false
Encrypt Flow Result
{
"doc": {
"input": [
{
"userName": "Jeffery",
"email": "parkerwilliam@hoover.com",
"policyId": "PL-5514"
},
{
"userName": "Nicholas",
"email": "vdiaz@gmail.com",
"policyId": "PL-2690"
},
{
"userName": "Dawn",
"email": "jmolina@hotmail.com",
"policyId": "PL-8287"
},
{
"userName": "Peter",
"email": "cory08@avery.com",
"policyId": "PL-3963"
},
{
"userName": "Jeff",
"email": "xnorton@hotmail.com",
"policyId": "PL-9792"
}
],
"encyptableData": ["PL-5514", "PL-2690", "PL-8287", "PL-3963", "PL-9792"],
"encryptedData": [
"cnRnaGN2YmRlcmZnNXRnaN4uyOlzuu3mF531yCAkQjvuQUfS3_wN",
"cnRnaGN2YmRlcmZnNXRnaN4uyO5wsumEhS4-6eqVVzq8VEG7--2s",
"cnRnaGN2YmRlcmZnNXRnaN4uyOR0s-5TMbx3DtRhPkTfknFMQcrc",
"cnRnaGN2YmRlcmZnNXRnaN4uyO9_veqd9iEFH-aBTrKkjjrNV-RF",
"cnRnaGN2YmRlcmZnNXRnaN4uyOVxsuuecFeJn7IVHzGi3o8CyFAr"
],
"result": [
{
"userName": "Jeffery",
"email": "parkerwilliam@hoover.com",
"policyId": "PL-5514",
"encryptedpolicyId": "cnRnaGN2YmRlcmZnNXRnaN4uyOlzuu3mF531yCAkQjvuQUfS3_wN"
},
{
"userName": "Nicholas",
"email": "vdiaz@gmail.com",
"policyId": "PL-2690",
"encryptedpolicyId": "cnRnaGN2YmRlcmZnNXRnaN4uyO5wsumEhS4-6eqVVzq8VEG7--2s"
},
{
"userName": "Dawn",
"email": "jmolina@hotmail.com",
"policyId": "PL-8287",
"encryptedpolicyId": "cnRnaGN2YmRlcmZnNXRnaN4uyOR0s-5TMbx3DtRhPkTfknFMQcrc"
},
{
"userName": "Peter",
"email": "cory08@avery.com",
"policyId": "PL-3963",
"encryptedpolicyId": "cnRnaGN2YmRlcmZnNXRnaN4uyO9_veqd9iEFH-aBTrKkjjrNV-RF"
},
{
"userName": "Jeff",
"email": "xnorton@hotmail.com",
"policyId": "PL-9792",
"encryptedpolicyId": "cnRnaGN2YmRlcmZnNXRnaN4uyOVxsuuecFeJn7IVHzGi3o8CyFAr"
}
]
},
"errors": [],
"performance": {
"steps": [
{
"step": "Create an array of strings with policy id's",
"executionTime": 9
},
{
"step": "Encrypt policy id's",
"executionTime": 15
},
{
"step": "map encrypted Id's to corresponding policy objects",
"executionTime": 8
}
],
"executionTimeOfFlow": 32,
"timeMetric": "ms"
},
"clearedErrors": [],
"files": []
}
Example decrypt Flow
tags: []
sampleInputSchema: ""
sampleData:
encryptedId: cnRnaGN2YmRlcmZnNXRnaN4uyOlzuu3mF531yCAkQjvuQUfS3_wN
description: ""
baseFlow: null
steps:
- name: Step crypto
description: ""
config:
mode: decrypt
isSingleString: true
processDataAsArray: false
outputFormat: base64url
encryptedString: "{{encryptedId}}"
encryptionKey: fgtjvnwerx4ty67ihj2wsacn56usr6yu
targetPath: decryptedId
stepType: crypto
condition: ""
- name: Map to required format
description: ""
config:
maps:
- targetPath: result
jsonata: |2-
{
"userName": "Scott",
"email": "ilara@kramer.com",
"policyId": decryptedId
}
stepType: jsonata
condition: ""
Decrypt Flow Result
{
"doc": {
"encryptedId": "cnRnaGN2YmRlcmZnNXRnaN4uyOlzuu3mF531yCAkQjvuQUfS3_wN",
"decryptedId": "PL-5514",
"result": {
"userName": "Scott",
"email": "ilara@kramer.com",
"policyId": "PL-5514"
}
},
"errors": [],
"performance": {
"steps": [
{
"step": "Step crypto",
"executionTime": 12
},
{
"step": "Map to required format",
"executionTime": 5
}
],
"executionTimeOfFlow": 17,
"timeMetric": "ms"
},
"clearedErrors": [],
"files": []
}