IBM® Content Integrator encryption
implementation creates a secret key file during installation. A new
key file can be created when required.
About this task
To create an encryption key:
- Generate a Blowfish key by using the provided key generation
utility BlowfishKeyGenerator:
- At the command line, run the configuration shell script.
On Windows®, the shell script is IICE_HOME/bin/config.bat where IICE_HOME is Content Integrator installation
directory. On UNIX® systems, the shell script is IICE_HOME/bin/config.sh.
- Run the Blowfish key generator class as follows:
java -classpath "[VBR_CLASSPATH]" \
com.venetica.vbr.crypto.BlowfishKeyGenerator BlowfishKey.ser
If
you do not specify a key length, a default length of 64 characters
is used.
- Place the resulting serialized class file BlowfishKey.ser in
the class path of all applications that are using the Content Integrator API
and SPI.
- Add code to the client application to seal the bundle by
using the class BlowfishSealer in the Integration API as follows:
...initialize
//Create and encrypt an AuthBundle.
AuthBundle aB = new AuthBundle(user, password);
try {
//Encrypt the auth bundle
(new BlowfishSealer()).seal(aB);
} catch(KeyNotFoundException knfe) {
...
}
...use the sealed bundle to log on to a chosen repository.
Results
The corresponding unsealer class, com.venetica.vbr.client.auth.BlowfishUnsealer,
will be present in all connector implementations. This class will
be loaded transparently by the UnsealerProxy class when a sealed AuthBundle
package is passed to the connector's log on method. The Blowfish unsealer,
in turn, will attempt to load the
BlowfishKey.ser file
that must be identical to the
BlowfishKey.ser file
on the client computer.
