DecryptContentCompatibility

Description:

Decrypt content using password-based encryption schemes with legacy algorithms supporting historical compatibility modes.

Additional Details...

Tags:

cryptography, decipher, decrypt, Jasypt, OpenSSL, PKCS5, PBES1

Properties:

In the list below, the names of required properties appear in bold. Any other properties (not in bold) are considered optional. The table also indicates any default values.

Display NameAPI NameDefault ValueAllowable ValuesDescription
Encryption Schemeencryption-scheme
  • PBE_WITH_MD5_AND_AES_CBC_128 PKCS12 with MD5 digest and Advanced Encryption Standard in Cipher Block Chaining mode using 128 bit keys.
  • PBE_WITH_MD5_AND_AES_CBC_192 PKCS12 with MD5 digest and Advanced Encryption Standard in Cipher Block Chaining mode using 192 bit keys.
  • PBE_WITH_MD5_AND_AES_CBC_256 PKCS12 with MD5 digest and Advanced Encryption Standard in Cipher Block Chaining mode using 256 bit keys.
  • PBE_WITH_MD5_AND_DES PKCS5 Scheme 1 with MD5 digest and Data Encryption Standard 64 bit keys. OID 1.2.840.113549.1.5.3
  • PBE_WITH_MD5_AND_RC2 PKCS Scheme 1 with MD5 digest and Rivest Cipher 2. OID 1.2.840.113549.1.5.6
  • PBE_WITH_SHA1_AND_AES_CBC_128 PKCS12 with SHA-1 digest and Advanced Encryption Standard in Cipher Block Chaining mode using 128 bit keys.
  • PBE_WITH_SHA1_AND_AES_CBC_192 PKCS12 with SHA-1 digest and Advanced Encryption Standard in Cipher Block Chaining mode using 192 bit keys.
  • PBE_WITH_SHA1_AND_AES_CBC_256 PKCS12 with SHA-1 digest and Advanced Encryption Standard in Cipher Block Chaining mode using 256 bit keys.
  • PBE_WITH_SHA1_AND_DES PKCS5 Scheme 1 with SHA-1 digest and Data Encryption Standard. OID 1.2.840.113549.1.5.10
  • PBE_WITH_SHA1_AND_DESEDE_128 PKCS12 with SHA-1 digest and Triple Data Encryption Standard 128 bit keys. OID 1.2.840.113549.1.12.1.4
  • PBE_WITH_SHA1_AND_DESEDE_192 PKCS12 with SHA-1 digest and Triple Data Encryption Standard 192 bit keys. OID 1.2.840.113549.1.12.1.3
  • PBE_WITH_SHA1_AND_RC2 PKCS5 Scheme 1 with SHA-1 digest and Rivest Cipher 2. OID 1.2.840.113549.1.5.11
  • PBE_WITH_SHA1_AND_RC2_128 PKCS12 with SHA-1 digest and Rivest Cipher 2 128 bit keys. OID 1.2.840.113549.1.12.1.5
  • PBE_WITH_SHA1_AND_RC2_40 PKCS12 with SHA-1 digest and Rivest Cipher 2 40 bit keys. OID 1.2.840.113549.1.12.1.6
  • PBE_WITH_SHA1_AND_RC4_128 PKCS12 with SHA-1 digest and Rivest Cipher 4 128 bit keys. OID 1.2.840.113549.1.12.1.1
  • PBE_WITH_SHA1_AND_RC4_40 PKCS12 with SHA-1 digest and Rivest Cipher 4 40 bit keys. OID 1.2.840.113549.1.12.1.2
  • PBE_WITH_SHA1_AND_TWOFISH PKCS12 with SHA-1 digest and Twofish in Cipher Block Chaining mode using 256 bit keys.
  • PBE_WITH_SHA256_AND_AES_CBC_128 PKCS12 with SHA-256 digest and Advanced Encryption Standard in Cipher Block Chaining mode using 128 bit keys.
  • PBE_WITH_SHA256_AND_AES_CBC_192 PKCS12 with SHA-256 digest and Advanced Encryption Standard in Cipher Block Chaining mode using 192 bit keys.
  • PBE_WITH_SHA256_AND_AES_CBC_256 PKCS12 with SHA-256 digest and Advanced Encryption Standard in Cipher Block Chaining mode using 256 bit keys.
Password-Based Encryption Scheme including PBES1 described in RFC 8018, and others defined according to PKCS12 and Bouncy Castle implementations
Key Derivation Strategykey-derivation-strategy
  • OPENSSL_EVP_BYTES_TO_KEY OpenSSL Envelope BytesToKey using a digest algorithm with one iteration and optional salt of eight bytes
  • JASYPT_STANDARD Jasypt Java Simplified Encryption using a digest algorithm with 1000 iterations and required salt of eight or sixteen bytes
Strategy for reading salt from encoded contents and deriving the decryption key according to the number of function iterations
PasswordpasswordPassword required for Password-Based Encryption Schemes
Sensitive Property: true

Relationships:

NameDescription
successDecryption succeeded
failureDecryption failed

Reads Attributes:

None specified.

Writes Attributes:

NameDescription
pbe.schemePassword-Based Encryption Scheme
pbe.symmetric.cipherPassword-Based Encryption Block Cipher
pbe.digest.algorithmPassword-Based Encryption Digest Algorithm

State management:

This component does not store state.

Restricted:

This component is not restricted.

Input requirement:

This component requires an incoming relationship.

System Resource Considerations:

None specified.