Cryptography in IBM Integration Bus
The Cryptographic Nodes are developed for the following reasons:
1. There are many ways available to encrypt and decrypt the messages, it is very complex decision to choose among them and consuming lot of time, we need strong development skill for writing algorithm
2. By using existing package is easy, but one must have deep understanding skill and usage.
3. For user there is no separate package or nodes in IIB for encryption and decryption.
4. For that developed Separate nodes for encryption and decryption of message
5. We have to place jar files to perform cryptography using the RSA algorithm.
6. This nodes generate a pair of private and public keys using the RSA algorithm, Encrypt the a message using a RSA Public Key, Decrypt the message using a RSA private Key
7. Without any knowledge of cryptography just by providing node properties we can encrypt and decrypt the messages
8. The confidential Messages sent outside of IIB environment we have to encrypt using various algorithms.
9. Using these nodes the message can be decrypted and further processed safely.
10. The nodes initialization / termination and exceptions are logged into Operating System log to notify the users.
We have place Cryptography Runtime & Cryptography toolkit jar file into the following paths:
C:\Program Files\IBM\IIB\10.0.0.12\server\jplugin, (CryptographyRuntime.jar)
C:\Program Files\IBM\IIB\10.0.0.12\tools\plugins (Cryptography_ToolKit.jar)
C:\ProgramData\IBM\MQSI\shared-classes (bcprov-jdk15on-148.jar, bcpg-jdk15on-148.jar)
GenerateKeysNode:
This node generates a pair of public and private key using RSA algorithm; we have to assign the folder path in properties it will generate keys
Generate Keys node properties:
Algorithm: By default it set by RSA it supported
PublickKeyPath: In this property we have assign public key path including file name also.
PrivateKeyPath: In this property we have assign private key path including file name also.
KeyIndentity: In this property we have to set Username for private key
Keypassphrase: In this property we have to set Password for private key
KeySize: In this property we have to assign a specific size to the key
It generates the following files
EncryptionNode:
1. This node encrypts the entire message regardless of parser. The output from the node is an encrypted message.
2. We can also encrypt particular filed in the message by using local environment: LocalEnvironment.Cryptographt.Encryption. = .
3. If the local environment is shown, the node does not encrypt the entire message just it encrypts only the fields present in the local environment.
4. The output from a encryption message is in BLOB format
Properties of this node:
Algorithm: RSA is supported algorithm.
PublickKeyPath: In this property we have assign public key path including file name also.
Decryption Node:
1. This node used for decrypt previously encrypted message by using a public key.
2. We can also decrypt particular filed in the message by using local environment: LocalEnvironment.Cryptographt.Encryption. = .
3. If the local environment is shown, the node does not decrypt the entire message just it encrypts only the fields present in the local environment.
Properties of this node:
Algorithm: By default it set by RSA it supported
PrivateKeyPath: In this property we have assign private key path including file name also.
KeyIndentity: In this property we have to set Username for private key
Keypassphrase: In this property we have to set Password for private key