DES Encryption Javascript Policy using Crypto.js

cryptojsdesencrypt-rev2-2017-02-16.zipWhen you are given a task to make a DES-encrypted piece of data in your proxy using Javascript, it is a challenging endevour to the point of being demoralizing for a novice API Team developers, who frequently is new to the cryptography at the same time. In fact, it should not be.

You are facing a healthy mix of Edge policies programming plus javascript plus some cryptographic knowledge challenges, but this article is going to help you to survive and even succeed. In no time. Well, actually, in about 10-15 minutes.

The Proxy

1. Import the attached bundle to your Edge organization.

2. Deploy it to the test environment.

3. Open the DEVELOP tab and look around.

Set Password Assign Message policy

Encrypt Password javascript policy

The desencrypt.js script

Set Response Payload Assign Message policy

4. Turn the TRACE on and execute the http GET request by passing data to encrypt and encryption passphrase as query parameters.

The trace will show all pertinent variables in your proxy context.

Returned body

Assign Message policy to read query parameters.

Javascript policy that encrypts some data.

The returned page will display the encryption key and encrypted data.

https://ylesyuk-test.apigee.net/cryptojsdesencrypt?data=Some%20Secret%20Data&passphrase=secretkey

OpenSSL Utility

Let's double-check our work by using openssl utility.

1. Input secret message "Some Secret Data" into a file called datassd.

2. Using openssl enc command, encrypt the data file and output it using base64 encoding by using secretkey as passphrase and sha1 message digest to generate a key.

openssl enc -in datassd -pass pass:secretkey -md sha1 -e -des-ecb -nosalt -base64 -p

key=9885F8AF04289135

dkC0Du+VwBskZ83H5TyhLS57UNppsDHS

3. Put the encrypted data into a file called dataenc and decrypt it using following openssl enc command.

openssl enc -in dataenc -pass pass:secretkey -md sha1 -d -des-ecb -nosalt -base64

Some Secret Data

Online DES Decryption Page

1. Use openssl enc -p command-line option to display encryption key

key=9885F8AF04289135

2. Using base65 and xxd command, lets convert binary encrypted data into its hex representation.

echo dkC0Du+VwBskZ83H5TyhLS57UNppsDHS|base64 -D|xxd -p

7640b40eef95c01b2467cdc7e53ca12d2e7b50da69b031d2

3. In your browser, navigate to the http://des.online-domain-tools.com/ page that lets you to do DES encryption/decryption online. Populate the form and press >Decrypt button.

The Decrypted text will display your secret text.

Version history
Last update:
‎02-16-2017 06:52 AM
Updated by: