Symmetric XML Cryptography in Mule 4
Don't get scared away by the fancy title! Mule has made the process super easy. Read on to learn how to encrypt your XML.
Join the DZone community and get the full member experience.
Join For FreeThere are major changes introduced in the security module in Mule 4. Here, we are going to validate changes/enhancements made to the security module in Mule4.
Let's start with XML Cryptography.
The below information are the steps to perform XML encryption and decryption in Mule 4 in XML cryptography module.
Step 1: Download the security module's plug-in from the exchange in Anypoint Studio. Once downloaded, we will able to search the security module's components in Anypoint Studio's pallet.
Step 2: Based on the new release in the security module in Mule 4, encryption/decryption has been enhanced to secure the key bases process, so now we need to generate a keystore file. Below is the command to generate a keystore file (jceks).
keytool.exe -genseckey -alias srccodes -keyalg AES -keystore aesKelltontech.jceks -keysize 128 -storeType JCEKSThe below are additional steps to generate a key.
Once the above command and steps successfully completed we will find below keystore file has been generated.
Step 3: Now, let's configure the "XML encrypt" component to encrypt the data in flow with the below steps.
- Module configuration (global configuration): To make global configurations, we need to follow the below steps.
In a keystore file go to"askKelltontech.jceks," which we have generated with the alias = 'srccodes' and password = '123456.' We have configured this in the global configuration section of Anypoint.
- Refer to the global configuration in the XML encrypt component as shown below.
Above, we have the steps to configure our XML encryption. Below is what final flow will look like.
The above is a graphical flow. Below is the XML syntax of the flow.
<?xml version="1.0" encoding="UTF-8"?>
<mule xmlns:vm="http://www.mulesoft.org/schema/mule/vm" xmlns:crypto="http://www.mulesoft.org/schema/mule/crypto"
xmlns:http="http://www.mulesoft.org/schema/mule/http"
xmlns="http://www.mulesoft.org/schema/mule/core" xmlns:doc="http://www.mulesoft.org/schema/mule/documentation" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://www.mulesoft.org/schema/mule/core http://www.mulesoft.org/schema/mule/core/current/mule.xsd
http://www.mulesoft.org/schema/mule/http http://www.mulesoft.org/schema/mule/http/current/mule-http.xsd
http://www.mulesoft.org/schema/mule/crypto http://www.mulesoft.org/schema/mule/crypto/current/mule-crypto.xsd
http://www.mulesoft.org/schema/mule/vm http://www.mulesoft.org/schema/mule/vm/current/mule-vm.xsd">
<http:listener-config name="HTTP_Listener_config" doc:name="HTTP Listener config" doc:id="a0e1172f-eca9-4a09-a87e-00cb9c7a66e2" >
<http:listener-connection host="0.0.0.0" port="8081" />
</http:listener-config>
<crypto:jce-config name="Crypto_Jce" doc:name="Crypto Jce" doc:id="de44bc8f-2267-4b4d-a58f-a93f0877b377" keystore="aesKelltontech.jceks" password="123456" type="JCEKS">
<crypto:jce-key-infos >
<crypto:jce-symmetric-key-info keyId="aseKellton" alias="srccodes" password="123456" />
</crypto:jce-key-infos>
</crypto:jce-config>
<vm:config name="VM_Config" doc:name="VM Config" doc:id="98333712-0c44-4443-a32b-e6b75304ea81" >
<vm:queues >
<vm:queue queueName="xmlVM" />
</vm:queues>
</vm:config>
<flow name="xmlencrypdemomule4Flow" doc:id="8bf6a653-5012-4fc9-af06-f3ad4b920027" >
<http:listener doc:name="Listener" doc:id="0e4b2ff7-379e-45a8-82ff-cfa429b49f13" config-ref="HTTP_Listener_config" path="/posXmlData"/>
<crypto:xml-encrypt doc:name="Xml encrypt" doc:id="61e315d0-c92a-4047-979c-9c8a5645b4a4" config-ref="Crypto_Jce" keyId="aseKellton" elementPath="/Country/City"/>
<logger level="INFO" doc:name="Logger" doc:id="1e05f8a5-5a05-4a9d-b844-c45669ab2e72" message="==================This is main flow value ================ #[payload]"/>
<vm:publish doc:name="Publish" doc:id="29454982-3080-4aa1-84ee-a6c2e5840469" config-ref="VM_Config" queueName="xmlVM"/>
</flow>
<flow name="xmlencrypdemomule4Flow1" doc:id="20929f78-cac2-4fc4-ab72-ef62053f65cf" >
<vm:listener queueName="xmlVM" doc:name="Listener" doc:id="015739e8-dba1-4e08-ab2e-ab40b8a1583f" config-ref="VM_Config"/>
<crypto:xml-decrypt doc:name="Xml decrypt" doc:id="93cf0754-1d56-496c-925f-8d1b40545beb" config-ref="Crypto_Jce" keyId="aseKellton"/>
<logger level="INFO" doc:name="Logger" doc:id="c2e5c441-4a3f-4f31-9e46-9a1c781decd4" message="==================This is final value ================ #[payload]"/>
</flow>
</mule>
Now start the application. The below logs show that the application is configured and deployed successfully.
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
+ Mule is up and kicking (every 5000ms) +
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
INFO 2018-05-12 07:23:38,559 [WrapperListener_start_runner] org.eclipse.jetty.server.AbstractConnector: Started ServerConnector@669787da{HTTP/1.1,[http/1.1]}{0.0.0.0:50345}
INFO 2018-05-12 07:23:38,560 [WrapperListener_start_runner] org.mule.runtime.module.deployment.internal.StartupSummaryDeploymentListener:
**********************************************************************
* - - + DOMAIN + - - * - - + STATUS + - - *
**********************************************************************
* default * DEPLOYED *
**********************************************************************
*******************************************************************************************************
* - - + APPLICATION + - - * - - + DOMAIN + - - * - - + STATUS + - - *
*******************************************************************************************************
* xmlencrypdemomule4 * default * DEPLOYED *
*******************************************************************************************************
We're all set to go and to test the flow. Follow the below steps to test the application.
In the logs, we can find encrypted data and decrypted data as expected.
INFO 2018-05-12 07:25:27,773 [[MuleRuntime].cpuLight.03: [xmlencrypdemomule4].xmlencrypdemomule4Flow.CPU_LITE @5805f136] [event: 0-89c7aab0-5587-11e8-916a-34f64bf39778] org.mule.runtime.core.internal.processor.LoggerMessageProcessor: ==================This is main flow value ================ <?xml version="1.0" encoding="UTF-8" standalone="no"?><Country>
<City><xenc:EncryptedData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#" Type="http://www.w3.org/2001/04/xmlenc#Content"><xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/><ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<ds:KeyName>aseKellton</ds:KeyName>
</ds:KeyInfo><xenc:CipherData><xenc:CipherValue>bv2dhOXlCTG3a1EC4THZZcKyOgKA4jOytQOP9jcZxrc=</xenc:CipherValue></xenc:CipherData></xenc:EncryptedData></City>
</Country>
INFO 2018-05-12 07:25:27,832 [[MuleRuntime].cpuLight.11: [xmlencrypdemomule4].xmlencrypdemomule4Flow1.CPU_LITE @7ae5e993] [event: 0-89c7aab0-5587-11e8-916a-34f64bf39778] org.mule.runtime.core.internal.processor.LoggerMessageProcessor: ==================This is final value ================ <?xml version="1.0" encoding="UTF-8" standalone="no"?><Country>
<City>Gurgaon</City>
</Country>
Now in Mule 4, we find that the encryption module has been enhanced to share knowledge for different encryption criteria.
Happy learning!
Opinions expressed by DZone contributors are their own.
Comments