AES Module
Properties Configuration Settings
The AES Transformer can be used to encrypt and decrypt data for regular transport.
Remarks
The AES Module contains an encoder and a decoder that receive Mule Messages from the Mule Project and perform cryptographic operations on the data. The encoder will produce an encrypted file that the decoder can then decrypt, making it possible to add secure storage to your business process.
Configuration
Since AES is a symmetric-key algorithm, the settings for the Encode operations and Decode operations are the exact same.
First set the KeySize to determine the strength of the cipher to be used. Next, set the KeyPassword to allow the module to generate the cryptographic Key and IV. Alternatively, you may set the Key and IV properties directly. Note that the same password may be used for the encoder and decoder to generate the same key and IV.
You can change how the cryptography is performed by setting the CipherMode and PaddingMode properties.
Encrypt Example
Add a File Read connector in front of the AES Encode Module and configure it to read a target file. Add the AES Encode Module behind it and configure it with a KeyPassword. That is all that is required to begin encrypting data.
The module will write the encrypted bytes to the payload of the Mule Message. You can specify a File Write connector behind AES Encode to write the encrypted bytes to disk or perform your own further processing.
Decrypt Example
Add a File Read connector in front of the AES Decode Module and configure it to read encrypted bytes. Add the AES Decode Module behind it specify the same KeyPassword. That is all that is required to begin decrypting the data.
The module will write the decrypted bytes to the payload of the Mule Message. You can specify a File Write connector behind AES Decode to write the plaintext bytes to disk or perform your own further processing.
Encoder Property List
The following is the full list of the properties of the encoder module with short descriptions. Click on the links for further details.
AdditionalAuthData | Additional authentication data (AAD) used in GCM mode. |
CipherMode | Controls how the transformer uses the IV to modify the cipher algorithm. |
IV | The initialization vector used by the CipherMode to modify the ciphertext. |
Key | The raw key used by the cipher. |
KeyPassword | A password used by the transformer to generate the Key and IV . |
KeySize | The size of the Key . |
LogFile | The file to write logging information to at runtime. |
LogMode | What information gets logged during component execution. |
LogType | How information gets logged during component execution. |
Other | Defines a set of configuration settings to be used by the transformer. |
PaddingMode | Used by the cipher to pad the last block of input text. |
RuntimeLicense | Specifies the component runtime license key. |
UseHex | Whether input or output is hex encoded. |
Decoder Property List
The following is the full list of the properties of the decoder module with short descriptions. Click on the links for further details.
AdditionalAuthData | Additional authentication data (AAD) used in GCM mode. |
CipherMode | Controls how the transformer uses the IV to modify the cipher algorithm. |
IV | The initialization vector used by the CipherMode to modify the ciphertext. |
Key | The raw key used by the cipher. |
KeyPassword | A password used by the transformer to generate the Key and IV . |
KeySize | The size of the Key . |
LogFile | The file to write logging information to at runtime. |
LogMode | What information gets logged during component execution. |
LogType | How information gets logged during component execution. |
Other | Defines a set of configuration settings to be used by the transformer. |
PaddingMode | Used by the cipher to pad the last block of input text. |
RuntimeLicense | Specifies the component runtime license key. |
UseHex | Whether input or output is hex encoded. |
Configuration Settings
The following is a list of configuration settings for the module with short descriptions. Click on the links for further details.
AuthTagLength | The authentication tag length used in GCM mode. |
IncludeIV | Whether to prepend the IV to the output data and read the IV from the input data. |
KeyPasswordAlgorithm | The hash algorithm used to derive the Key and IV from the KeyPassword property. |
KeyPasswordIterations | The number of iterations performed when using KeyPassword to derive the Key and IV. |
KeyPasswordSalt | The salt value used in conjunction with the KeyPassword to derive the Key and IV. |