The Encryption Destination step is used to encrypt the output data.
Illustrated in the below image is a flow where the Encryption Destination step is used. A record generator is used as the Source step. The Encryption Destination is then used to encrypt the data which is then stored in a Buffer.
The image below shows the Record Generator Source step configuration.
Adding an Encryption Destination Step
To add an Encryption Destination step in a flow, follow the below instructions:
1. Click on the highlighted icon as shown in the below image.
2. The below page will appear. Click on the Destination tab and select or search for Encryption as shown in the image below.
Creating a Connection
A connection is required for this step. Select an existing connection by clicking the dropdown arrow highlighted in the image below.
The Encryption and Decryption steps use the same connection. One connection can be created for both steps.
The connection configurations are explained below.
Connection Name Field – Provide the connection with a name. This field is required.
Encryption Type Field – The type of encryption being used. The Symetric type is used which means that the same key used to encrypt is will be used to decrypt.
Symetric Key Field – The symetric key to use for encryption.
Algorithm – Select the algorithm that the key should use. Click on the dropdown arrow to select from the list a shown in the image below.
The AES stands for Advanced Encryption Standard. It is a widely used and well-respected encryption algorithm.
The "128-bit" part refers to the key length used with the algorithm. Each character counts as 8-bits. This means that for a 128-bit algorithm, there must be 16 characters in the key (16x8 = 128).
The "CBC" stands for cipher block chaining. It refers to the block cipher mode that is used with the algorithm.
IV (Initialization Vector) – The additional initialization factor key to use. This is an optional key that can be added for further encryption.
The table below shows the character lengths required for each algorithm.
Algorithm | Key Length | Initialization Vector |
Aes-128-Cbc | 16 | 16 |
Aes-192-Cbc | 24 | 16 |
Aes-256-Cbc | 32 | 16 |
Aes-128-Ecb | 16 | Not required |
Aes-192-Ecb | 24 | Not required |
Aes-256-Ecb | 32 | Not required |
Aes-128-Ctr | 16 | 16 |
Aes-192-Ctr | 24 | 16 |
Aes-256-Ctr | 32 | 16 |
Aes-128-Gcm | 16 | 12 |
Aes-192-Gcm | 24 | 12 |
Aes-256-Gcm | 32 | 12 |
Configuring an Encryption Destination Step
Illustrated in the below image is the configuration that is available in the Encryption Destination step.
A connection is required for this step. Select an existing connection by clicking on the dropdown arrow as highlighted in the image above.
Input Encoding – The encoding of the input data. Select Utf8 for data that is txt or JSON. Alternatively, select any of the other formats.
Output Encoding – The encoding of the encrypted data. Select a format that is different from the Input Encoding.
Path – The path to encrypt. Leave blank for the entire record.
Using an Encryption Destination Step
To use an Encryption Destination step, follow the instructions below:
1. Click the Execute Flow button shown in the image below:
2. Click the Create Run button.
The image below shows the encrypted data on the message path.
The image below shows the encrypted data on the entire record (where a path was not provided).
