DataPower

  • 1.  AES256 GCM Encryption/Decryption Implementation using Datapower

    Posted Wed March 29, 2023 02:09 AM

    Hello Team,

    Can we perform AES256 GCM Encryption/Decryption implementation on Datapower? If yes, please help with how to do it.



    ------------------------------
    Jyoti Yadav
    ------------------------------


  • 2.  RE: AES256 GCM Encryption/Decryption Implementation using Datapower

    Posted Wed March 29, 2023 02:17 PM
    Edited by Joseph Morgan Wed March 29, 2023 02:19 PM

    Jyoti, 

    The answer is yes, but this question is overly broad because there are so many ways. 

    If using the Encrypt/Decrypt actions on a processing rule, then go to the "Advanced" tab, and select "AES256 GCM" next to "Permitted Bulk Encryption Algorithm".

    If using the xslt encrypt-data/decrypt-data extensions, use the "http://www.w3.org/2009/xmlenc11#aes256-gcm" algorithm.

    If using gatewayscript, use the "cipher" and "decipher" API.  Use "createCipheriv(...)" and provide "A256GCM" as the algorithm.



    ------------------------------
    Joseph Morgan
    ------------------------------



  • 3.  RE: AES256 GCM Encryption/Decryption Implementation using Datapower

    Posted Tue April 04, 2023 09:24 AM

    Hello Joseph,

    Thank you for your support.
    Can we implement the AES256-GCM algorithm on Datapower using a KEY-IV pair? If yes, then please help with how to do it.
    Also, we have tried with Gatewayscript using the "crypto" module. We are able to encrypt the payload, but while decrypting we are getting an error.
    Please find the code below and correct me if it's wrong.
    Please find below the Encrypt/Decrypt code with OP.
    Encrypt:

    apim.output('application/json');

    var crypto = require('crypto');
    var SymKey ='NTBERTg1NzQzQ0YwMzEzRUI4MUI5NzFCQTM1NkYwODQ=';//base64Encoded Key
    var iv1='4932AF1AC8C2F21F';

    var buff = new Buffer(SymKey, 'base64');
    var buff1=new Buffer(iv1,'base64');
    var cipher = crypto.createCipheriv('A256GCM', buff,buff1);
    var pay_load = '{"abc":"ad"}';
    var resp = JSON.stringify(pay_load);
    var b2=cipher.update(resp, 'utf8').final('base64');
    //var encipherData = cipher.final('base64');
    //var Jdata=encipherData;
    session.output.write({"EncryptedPayload":b2});


    OP: 

    {
        "EncryptedPayload": "SEGBiol1LIqbOl7ejrQo36hM"
    }


    Decrypt:

    var EncryptedResponse=apim.getvariable('request.body.EncryptedPayload');

    apim.output('application/json');

    var crypto = require('crypto');

    var SymKey ='NTBERTg1NzQzQ0YwMzEzRUI4MUI5NzFCQTM1NkYwODQ=';
    var iv1='4932AF1AC8C2F21F'

    var buf = new Buffer(SymKey,'base64');

    var buff = new Buffer(iv1,'base64');

    var decipher = crypto.createDecipheriv('A256GCM',buf,buff);
    var resp = JSON.stringify(EncryptedResponse);

    var b2=decipher.update(resp, 'base64').final('utf8');
    //decipher.update(resp, 'base64');

    //var originalPlainText1 = decipher.final('utf8');

    session.output.write(b2);
    OP:

    {
        "httpCode": "500",
        "httpMessage": "Internal Server Error",
        "moreInformation": "Cannot read property 'length' of undefined"
    }


    ------------------------------
    Jyoti Yadav
    ------------------------------



  • 4.  RE: AES256 GCM Encryption/Decryption Implementation using Datapower

    Posted Wed April 05, 2023 09:34 AM

    Hello All,

    While decrypting, we are getting output when using the decipher.update(resp, 'base64') method, but when using the decipher.final() method we are getting a length error.
    Please help with how to implement decryption using AES-256/GCM in Gatewayscript.


    Thanks and Regards,
    Jyoti Yadav



    ------------------------------
    Jyoti Yadav
    ------------------------------



  • 5.  RE: AES256 GCM Encryption/Decryption Implementation using Datapower

    Posted Wed April 05, 2023 07:52 PM
    Edited by Joseph Morgan Wed April 05, 2023 08:02 PM

    Jyoti,

    I took your code and put it into a little loopback XMLFW with a GWS action for encrypt (works just fine) and a GWS for decrypt.   I get the same results as you.  When decipher.final() is called, with or without the 'utf8' encoding, I get the same error. 

    I also split "decipher.final()" into its own line just to be sure "decipher.update" wasn't causing the issue.

    I tried about a dozen different things with a number of console.debug statements to ensure it was going along OK.   I also thought maybe "EncryptedPayload" was not being interpreted as a String, and, with futility, tried "JSON.stringify(EncryptedPayload)" and "new String(EncryptedPayload)" within the "decipher.update(...)", all to no avail.  Always received the length error.

    In my final attempt, I tried using a buffer of the encrypted payload within "decipher.update(...)" like this:

      var encryptedPayloadBuffer = new Buffer(EncryptedPayload, 'base64');
        decipher.update(encryptedPayloadBuffer);
        console.debug("Calling decipher.final()");
        
        var decryptedPayload = decipher.final('utf8');

    Still received the length error.

    This has to be a bug.

    You'll have to file a case with IBM to get it worked out.

    P.S.  I don't have time at the moment, but I want to take a shot at decrypting with a "decrypt" action just to see if I can jolt it into working.  Will let you know the result.



    ------------------------------
    Joseph Morgan
    ------------------------------



  • 6.  RE: AES256 GCM Encryption/Decryption Implementation using Datapower

    Posted 12 days ago

    Hi Joseph,

    Do you have any updates about the possibility to decrypt with the A256GCM algorithm? I have the "Cannot read property 'length' of undefined" error too.

    by



    ------------------------------
    Gaetano Lagana
    ------------------------------



  • 7.  RE: AES256 GCM Encryption/Decryption Implementation using Datapower

    Posted 11 days ago

    @Jyoti Yadav never updated this.  I actually didn't retry.

    Maybe @Jyoti Yadav will respond?



    ------------------------------
    Joseph Morgan
    CEO - Independent
    ------------------------------
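
An added example, not code from any poster in this thread or from IBM: AES-256-GCM in plain Node.js `crypto`, showing that the decrypting side needs the IV and the authentication tag along with the ciphertext, which the 18-byte `EncryptedPayload` value posted above does not carry. It uses Node's `aes-256-gcm` name rather than GatewayScript's `A256GCM`, and the envelope layout and function names are assumptions; whether a missing tag is what triggers the error reported in the thread is not confirmed here.

```javascript
const crypto = require('crypto');

const IV_LEN = 12;   // 96-bit nonce, the size GCM is designed around
const TAG_LEN = 16;  // 128-bit authentication tag

// Encrypt and return base64(iv || ciphertext || tag) so the receiver
// gets everything decryption needs in one field (assumed layout).
function encryptGcm(key, plaintext, aad) {
  const iv = crypto.randomBytes(IV_LEN); // fresh per message; never reuse with the same key
  const cipher = crypto.createCipheriv('aes-256-gcm', key, iv, { authTagLength: TAG_LEN });
  if (aad) cipher.setAAD(aad);
  const ct = Buffer.concat([cipher.update(plaintext, 'utf8'), cipher.final()]);
  const tag = cipher.getAuthTag(); // only available after final()
  return Buffer.concat([iv, ct, tag]).toString('base64');
}

// Returns the plaintext, or null when the tag is missing or does not verify.
function decryptGcm(key, envelopeB64, aad) {
  const raw = Buffer.from(envelopeB64, 'base64');
  if (raw.length < IV_LEN + TAG_LEN) return null; // too short to hold iv + tag
  const iv = raw.subarray(0, IV_LEN);
  const tag = raw.subarray(raw.length - TAG_LEN);
  const ct = raw.subarray(IV_LEN, raw.length - TAG_LEN);
  const decipher = crypto.createDecipheriv('aes-256-gcm', key, iv, { authTagLength: TAG_LEN });
  decipher.setAuthTag(tag); // must be set before final()
  if (aad) decipher.setAAD(aad);
  try {
    return Buffer.concat([decipher.update(ct), decipher.final()]).toString('utf8');
  } catch (err) {
    return null; // authentication failed: discard, never use partial output
  }
}

// Flip one ciphertext bit to model tampering in transit.
function tamper(envelopeB64) {
  const raw = Buffer.from(envelopeB64, 'base64');
  raw[IV_LEN] ^= 0x01;
  return raw.toString('base64');
}

// Constructed sample: random key, small JSON payload.
const demoKey = crypto.randomBytes(32);
const demoEnvelope = encryptGcm(demoKey, JSON.stringify({ abc: 'ad' }));
console.log(decryptGcm(demoKey, demoEnvelope));         // original JSON text
console.log(decryptGcm(demoKey, tamper(demoEnvelope))); // null
```
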