IBM Support

Encryption Utility Toolkit - how to encrypt/decrypt sensitive data

Question & Answer


Question

Encryption Utility Toolkit - how to encrypt/decrypt sensitive data

Answer

On Demand Consulting
Author: Volodymyr Sitarchuk

Description of the Encryption Utility Toolkit:
  • it does not rely on any BPM internal classes
  • it is based on the Java Cryptography Extension (JCE) and uses AES encryption algorithm with 128 bits key length
  • it can use a predefined secret key or extract the secret key from Auth Alias


Example of usage:

1
Keeping sensitive data in encrypted format like credentials, credit card numbers, social security numbers.

There used to be the Encryption Utility Toolkit from General Toolkits (https://developer.ibm.com/bpm/resources/general-toolkits/)
The Encryption toolkit is not supported for the reason that it is based on the internal legacy Lombardi class
(https://developer.ibm.com/bpm/docs/frequently-asked-questions/simple-string-encryption/)
that is a subject to removal from BPM without any notice.


2
Integration with external resources that require credentials
where encrypted credentials can be kept in a file, EPV or ENV variables


Alternative solution is to keep password credentials directly in Auth Alias - see for the solution in KL 5377-27212


The tool is verified in BPM versions from 8.5.6 to?8.5.7.201706
 

[{"Business Unit":{"code":"BU053","label":"Cloud & Data Platform"},"Product":{"code":"SSQTW3","label":"IBM On Demand Consulting for Hybrid Cloud"},"Component":"","Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"All Versions","Edition":"","Line of Business":{"code":"","label":""}}]

Document Information

More support for:
IBM On Demand Consulting for Hybrid Cloud

Software version:
All Versions

Document number:
776373

Modified date:
16 March 2019

UID

ibm10776373

Manage My Notification Subscriptions