How implement PBE(Password based encrypt) in API Gateway?Does this need one of the tactical encryption assertions to be used?
Hello Sonalee ,
You should be able to use Encode JSON Web Token Assertion to do it, just ignore the JWS tab, put source on General tab, on JWT tab you can use secret(password) when select a symmetric key,
Encode JSON Web Token Assertion - CA API Gateway - 9.2 - CA Technologies Documentation
Regards,
Mark
Thanks Mark,but i do not see option for 3DES with MD5 which is the requirement for us
also password should be used to generate a key (for PBE )and not used directly as secret as it may not match the key length as well
Another assertion to do encryption with a key is called - Symmetric Key Encryption / Decryption Assertion. This assertion needs to be requested through CA Support.
Sincerely,
Stephen Hughes
Director, CA Support
Hi Stephen,
Is Symmetric Key Encryption / Decryption Assertion capable to do something similar to this - Password-based encryption .
Also what encryption algorithms are supported by this assertion.We need 3DES with MD5
Sonalee Shyam
Sonalee,
Excerpt from the documentation around Algorithms used in the assertion:
AES/CBC/PKCS5Padding
AES/GCM/NoPadding
DES/CBC/PKCS5Padding
DESede/CBC/PKCS5Padding
PGP
Did you have any other questions?