Hi all, Is there a way to know the maximum length of a string that can be encrypted using a key in wso2carbon.jks [1] or securevault.jks [2] while using DefaultSecretRepository.java [3].
I have a RS256 encoded JWT which is about 900 characters long. When encrypting it by storing it in secrets.properties, it does not give a cipherText. This is all i get, Is it because of the length or are there any other constraints? Also is there a better way that I could store my token securely? [1] https://github.com/wso2/product-apim/blob/master/product/carbon-home/resources/security/wso2carbon.jks [2] https://github.com/wso2/carbon-secvault/blob/master/features/org.wso2.carbon.secvault.feature/resources/resources/security/securevault.jks [3] https://github.com/wso2/carbon-secvault/blob/master/components/org.wso2.carbon.secvault/src/main/java/org/wso2/carbon/secvault/repository/DefaultSecretRepository.java Thanks and regards, Subhashinie Intern | Software Engineering WSO2, Inc. : http://wso2.com Email : [email protected] On Mon, Oct 9, 2017 at 5:13 PM, Subhashinie Koshalya <[email protected]> wrote: > Hi Thusitha and Niranjan, > > The requirement is to encrypt a JWT without having to store another > password or a key. Thanks a lot for the links. They seem to solve the > problem. I'll get back to you if it did not come out as expected. > > Thanks and regards, > > Subhashinie > Intern | Software Engineering > WSO2, Inc. : http://wso2.com > > Email : [email protected] > > On Mon, Oct 9, 2017 at 3:35 PM, Niranjan Karunanandham <[email protected]> > wrote: > >> Hi Subhashinie, >> >> In C5, the secure vault component is moved to a separate repo [1]. In >> order to encrypt your value, you need to get an instance of the secure >> vault and call the encrypt method in [2]. >> >> [1] - https://github.com/wso2/carbon-secvault >> [2] - https://github.com/wso2/carbon-secvault/blob/master/tools/ >> org.wso2.carbon.secvault.ciphertool/src/main/java/org/ >> wso2/carbon/secvault/ciphertool/CipherTool.java >> >> Regards, >> Nira >> >> On Mon, Oct 9, 2017 at 3:32 PM, Thusitha Thilina Dayaratne < >> [email protected]> wrote: >> >>> Hi Subhashinie, >>> >>> C5 doesn't contain that particular class. Could you tell us what do you >>> wanna achieve? >>> If you want to encrypt/decrypt texts, you can use the secvault. You can >>> refer [1] if that is your intention. >>> >>> [1] https://github.com/wso2/carbon-secvault/blob/master/samp >>> les/org.wso2.carbon.secvault.samples.standalone/src/main/jav >>> a/org/wso2/carbon/secvault/samples/standalone/Application.java >>> >>> Thanks >>> Thusitha >>> >>> On Mon, Oct 9, 2017 at 3:25 PM, Subhashinie Koshalya < >>> [email protected]> wrote: >>> >>>> Hi all, >>>> >>>> I am supposed to store a token securely. Is there something similar to >>>> CryptoUtil [1] available in C5? >>>> >>>> [1] https://github.com/wso2/carbon-kernel/blob/4.4.x/core/org.ws >>>> o2.carbon.core/src/main/java/org/wso2/carbon/core/util/CryptoUtil.java >>>> <https://www.google.com/url?q=https%3A%2F%2Fgithub.com%2Fwso2%2Fcarbon-kernel%2Fblob%2F4.4.x%2Fcore%2Forg.wso2.carbon.core%2Fsrc%2Fmain%2Fjava%2Forg%2Fwso2%2Fcarbon%2Fcore%2Futil%2FCryptoUtil.java&sa=D&sntz=1&usg=AFQjCNFa-kaDwli9i1_NxpuiICc_giCn_g> >>>> >>>> Thanks and regards, >>>> Subhashinie >>>> Intern | Software Engineering >>>> WSO2, Inc. : http://wso2.com >>>> >>>> Email : [email protected] >>>> >>> >>> >>> >>> -- >>> Thusitha Dayaratne >>> WSO2 Inc. - lean . enterprise . middleware | wso2.com >>> >>> Mobile +94712756809 <+94%2071%20275%206809> >>> Blog alokayasoya.blogspot.com >>> About http://about.me/thusithathilina >>> <http://wso2.com/signature> >>> >>> >> >> >> -- >> >> >> *Niranjan Karunanandham* >> Associate Technical Lead - WSO2 Inc. >> WSO2 Inc.: http://www.wso2.com >> >> >
_______________________________________________ Dev mailing list [email protected] http://wso2.org/cgi-bin/mailman/listinfo/dev
