Symantec IGA

 View Only
  • 1.  IdM 12.6 how to change encryption algorithm?

    Posted Aug 31, 2017 09:11 AM

    Hi everyone.


    I would like to know how to change the encryption algorithm of at least the form ForgottenPasswordHandler stores data. I see that it is currently in RC2 and would like to change it to PBES (in fact, I thing last one is the OOTB one, but this environment was inherited to me by other provider and I have no contact with them).


    I will explain the reason for changing the encryption algorithm:


    I have 2 idm environments where challenge / response is working fine in encrypted mode, and an inherited environment where it does not. I isolated problem, and I see that in the working environments, all passwordhints values are stored as {PBES} followed by a very short string (proportional to the length of the question and answer stored). In the non working, log says it can not insert {RC2} followed by a very long value, that exceeds the 900 bytes index limit.


    Many thanks!

  • 2.  Re: IdM 12.6 how to change encryption algorithm?
    Best Answer

    Posted Aug 31, 2017 12:19 PM

    In the downloadable IM JavaDoc the ForgottenPasswordHandler class has an encrypt and decrypt method that uses the current encryption program if an encryption key is passed in and it mentions that you can override the method to implement another encryption application. So it looks like it would require custom coding to accomplish.


    CA Identity Manager Programming Reference - CA Identity Manager - 12.6.8 - CA Technologies Documentation