XML File Encryption Whitepaper
Overview
Many of the Simplicity applications have XML configuration files required for the operation of the services and/or applications.
These XML configuration files for services have the option to generically have either the individual XML nodes and/or the XML sections encrypted as required.
Services currently supporting these configuration encryption options include “Beacon Service”, “Sentinel Service”, “Assembly Info Service”, “File Management Service” and “Bulk Copy Service”.
In the whitepapers for each of these services detailing their configuration files, encryption options can be applied where security of node values or XML sections is deemed by the individual client to be sensitive in nature and not appropriate to be stored as plain text.
When the Simplicity licensing subscription purchased allows for in-house implementation then the Simplicity encryption utility can be made available on request to assist with the setup of these application configuration files.
Encryption Methods
There are presently two encryption options available for xml node/section data.
OPTION 1, “3DES.1”
- All keys used by the encryption process are 192 bits, with a 64 bit initialisation vector (IV)
- The data is encrypted using a 192 bit fixed key and IV using the 3DES encryption algorithm
The following is a sample of an XML node with no encryption.
<Password>SamplePassword</Password>
The following is a sample of an XML node with “3DES.1” encryption
<Password Encryption=”3DES.1”>B94F6F4DC83DB94F6F4DB94F6F4DC83D...6CE7CE3629A7694</Password>
The following is a sample of an XML section with no encryption.
<Locations>
<ClassName>AssemblyInfo.SAAssemblyInfoFileLocationCollection,AssemblyInfo</ClassName>
<ItemClassName>AssemblyInfo.SAAssemblyInfoFileLocation,AssemblyInfo</ItemClassName>
<Items>
<Item>
<CodeSet>ProductionCodeSet</CodeSet>
<RelativePath>\simplicityhost\%CLIENTBRANCH%\code\v2_5</RelativePath>
<AbsoluteRootPath></AbsoluteRootPath>
<AbsoluteRootURL></AbsoluteRootURL>
</Item>
</Items>
</Locations>
The following is a sample of an XML section with encryption.
<Locations Encryption=”3DES.1”>
<Data>B94F6F4DC83DB94F6F4DB94F6F4DC83D...6CE7CE3629A7694</Data>
</Locations>
OPTION 2, “3DES.2”
- All keys used by the encryption process are 192 bits, with a 64 bit initialisation vector (IV)
- The data is encrypted using a randomly generated key and IV using the 3DES encryption algorithm
- The key and IV are encrypted using the 3DES encryption algorithm (using a fixed key and IV)
- The data, key and IV are stored within the encrypted data
The following is a sample of an XML node with no encryption.
<Password>SamplePassword</Password>
The following is a sample of an XML node with “3DES.2” encryption
<Password Encryption=”3DES.2”>2800000010000000B94F6F4DC83D...6CE7CE3629A7694</Password>
The following is a sample of an XML section with no encryption.
<Locations>
<ClassName>AssemblyInfo.SAAssemblyInfoFileLocationCollection,AssemblyInfo</ClassName>
<ItemClassName>AssemblyInfo.SAAssemblyInfoFileLocation,AssemblyInfo</ItemClassName>
<Items>
<Item>
<CodeSet>ProductionCodeSet</CodeSet>
<RelativePath>\simplicityhost\%CLIENTBRANCH%\code\v2_5</RelativePath>
<AbsoluteRootPath></AbsoluteRootPath>
<AbsoluteRootURL></AbsoluteRootURL>
</Item>
</Items>
</Locations>
The following is a sample of an XML section with encryption.
<Locations Encryption=”3DES.2”>
<Data>2800000010000000B94F6F4DC83D...6CE7CE3629A7694</Data>
</Locations>
Encryption Utility
When the Simplicity licensing subscription purchased allows for in-house implementation then the Simplicity encryption utility can be made available on request to assist with the setup of these application configuration files.
Simply text to encrypt is either entered or pasted into the top panel. “Encrypt” is then clicked and the corresponding encrypted text will be available in the bottom panel. This encrypted text is then entered into the configuration files as illustrated earlier.
Help & Support