Sample Java Client Code for Symmetric Key Encryption/Decryption with Sentry

Attached is sample java client code that can be used to encrypt (or decrypt) data that can then be decrypted (or encrypted) with the Convert Value task encryption/decryption operations in Sentry.

Instructions for use:

  1. Create a symmetric key encryption policy (algorithm and key wrap set to AES-256).
  2. Create a task list with a convert value task using the symmetric key encryption policy.
  3. Encrypt some node within the sample document.
  4. Run the task to generate a sample encrypted value.
  5. Go to the Encryption policy and grab the symmetric key.
  6. Use the key and sample document with the attached program that is developed to assure that you can decrypt the value and return it to its original value.
  7. Edit the attached as necessary to match your Sentry encryption policy. The base64Key and encryption algorithms in the sample program need match the settings in the Sentry config.
  8. Compile the sample program with java 8.
  9. Ensure that java unlimited strength jurisdiction policy files are installed.
  10. Run the sample program. Usage is Encrypt [-e|-d] <filename> <element>. The -e option encrypts. The -d option decrypts. The default is to encrypt. For example: Encrypt -d sample.xml tns:echo


Article is closed for comments.