Encrypt target password in KVM and Decrypt it in Proxy flow

ravikumbar-1
Participant II

Hi All,

I have a kvm at proxy level as below,

{
    "encrypted": false,
    "entry": [
        {
            "name": "targetURL",
            "value": "https://targethost.com:2002/targetResource/esource"
        },
        {
            "name": "targetUserName",
            "value": "Iamuser"
        },
        {
            "name": "targetPassword",
            "value": "IamPassword"
        }
],
    "name": "MyDecryptionProxy_ENV_KVM"
}

I want to keep encrypted value for targetPassowrd key in the above KVM and in the proxy flow I would want to decrypt it and send it to target as a header 'Password'.

Please help me if there is any sample code to encrypt and decrypt a key value.

Thank you.

Regards

Ravi

1 7 385
7 REPLIES 7

Not applicable

In your kvm above encrypted is set to false, make that to true, it will make the kvm encrypted.

In proxy flow when you fetch KVM info in get, just assign the value to variable having prefix private.something.

Eg.

 <Get assignTo="private.foo_variable" index="1">  
 <Key>     
 <Parameter>FooKey_1</Parameter> 
   </Key> 
 </Get>

Hey, I know using encrypted KVM. But my requirement is not encrypted KVM.

Its about storing value of ONLY ONE KEY as encrypted value in NORMAL KVM and Decrypt that key value in the Proxy flow.

making only one key encryption is not possible. You can create another encrypted KVM for password only.

if I encrypt the value from any java program manually or online and store that encrypted value in KVM then can we at least Decrypt it in apigee proxy flow? any javascript or javacallout?

if I encrypt the value from any java program manually or online and store that encrypted value in KVM then can we at least Decrypt it in apigee proxy flow?

Yes, you can perform decryption in Apigee. Apigee does not have a number of built-in policies that perform crypto. There are some community-contributed extensions, though. Some examples

For any decryption, you will need access to the decryption key within the API Proxy; a good place to store that is the encrypted KVM.

can you please share a sample jar file?