Striim 3.9.8 documentation

Setting encryption policies

Writers with an Encryption Policy property can encrypt files using AES, PGP, or RSA before sending them to the target. The property includes the following sub-properties:

sub-property

type

default value

notes

Algorithm

java.lang.String

  • for AES, supported values are:

    • AES (no transformation)

    • AES/ECB/NoPadding (128)

    • AES/ECB/PKCS5Padding (128)

  • for PGP, set to PGP

  • for RSA, supported values are:

    • RSA (no transformation): required if key size is not 1024 or 2048

    • RSA/ECB/OAEPWithSHA-256AndMGF1Padding

    • RSA/ECB/PKCS1Padding

Compress

java.lang.Boolean

False

If using PGP, optionally set to True to compress the data as .zip using org.bouncycastle.openpgp.PGPCompressedData.ZIP from the Bouncy Castle OpenPGP API before encrypting it.

Key File Name

java.lang.String

Name of the key file (do not include the path). For PGP, this must be the public key. For RSA, you may use either the public key (default) or private key, in which case you must set Use Private Key to True.

If the key file is encrypted, specify its passphrase in the adapter's Data Encryption Key Passphrase property.

Key Location

java.lang.String

path to the specified key file (must be readable by Striim)

Key Size

java.lang.Long

If the Key Type is RSA, specify the key size, for example, 2048.

Key Type

java.lang.String

 

supported values are AES, PGP, and RSA

Use Private Key

java.lang.Boolean

False

For RSA only: With the default value of False, the file specified in Key File Name must be the public key. Set to True if to use the private key file instead.

For example:

CREATE TARGET EncryptedFileOut using FileWriter(
  filename:'EncryptedOutput.txt',
  directory:'FileOut',
  encryptionpolicy:'
    KeyType=PGP, 
    KeyLocation=/opt/striim/keys, 
    KeyFileName=myPgp.pub, 
    Algorithm=PGP'
) ...