Help Center/ ROMA Connect/ User Guide(new)/ Processors/ Symmetric Encrypt/Decrypt
Updated on 2023-12-28 GMT+08:00

Symmetric Encrypt/Decrypt

The symmetric encrypt/decrypt processor is used to encrypt plaintext and decrypt ciphertext by using the specified symmetric encryption algorithm.

Configuration Parameters

Parameter

Description

Operation

Options are symmetric encrypt, symmetric decrypt, HMAC signing, and HMAC signature verification.

Encryption Algorithm

Symmetric encrypt or decrypt supports only the AES algorithm.

HMAC signing or signature verification supports only HMAC algorithm.

Encryption Mode

Mandatory when Operation is set to Symmetric Encrypt or Symmetric Decrypt.

Currently, only GCM is supported.

PBKDF2 Password

Mandatory when Operation is set to Symmetric Encrypt or Symmetric Decrypt.

Used to generate the PBKDF2 key.

PBKDF2 Hash Algorithm

Mandatory when Operation is set to Symmetric Encrypt or Symmetric Decrypt.

SHA256 and SHA384 are supported.

PBKDF2 Salt

Mandatory when Operation is set to Symmetric Encrypt or Symmetric Decrypt.

Used to generate the PBKDF2 key.

Secret Key Length

Mandatory when Operation is set to Symmetric Encrypt or Symmetric Decrypt.

Length of the generated key. Options are 128, 192, or 256.

Plaintext

Plaintext to be encrypted, or signed, or verified.

Ciphertext

Ciphertext to be decrypted.

Content Padding Mode

Mandatory when Operation is set to Symmetric Encrypt or Symmetric Decrypt.

Currently, only PKCS5Padding is supported.

PBKDF2 Iteration Count

Mandatory when Operation is set to Symmetric Encrypt or Symmetric Decrypt.

Used to generate the PBKDF2 secret key. The default value is 1000000.

TAG Length

Mandatory when Operation is set to Symmetric Encrypt.

Used to generate a random tag. The default value is 16.

IV Length

Mandatory when Operation is set to Symmetric Encrypt.

Used to generate a random IV. The default value is 12.

AAD Length

Mandatory when Operation is set to Symmetric Encrypt.

Used to generate a random AAD. The default value is 16.

Secret Key

Mandatory when Operation is set to HMAC Signing or HMAC Signature Verification.

HMAC signature key.

Signature

Mandatory only when Operation is set to HMAC Signature Verification.

HMAC signing result.

Signature Algorithm

Mandatory when Operation is set to HMAC Signing or HMAC Signature Verification.

HMAC signing algorithm. Options are SHA256 and SHA384.