Has been talk for a while about encrypting process variables.
I had solved this a while back, but thought it was time to share some usage.
I pulled apart some older code, and simplified some of the functions for reuse.
In short you can do the following:
load('classpath:rsaEncrypt.js')
var messageToSeal = 'This message is to be hidden'
var sealedObject = rsaSeal(messageToSeal, PUBLIC_KEY)
execution.setVariable('sealed_object', sealedObject)
Where the PUBLIC_KEY and PRIVATE_KEY is a variable loaded from the rsaEncrypt.js script
same for decrypt
load('classpath:rsaEncrypt.js')
var sealedObject = execution.getVariable('sealed_object')
var unsealedObject = rsaUnseal(sealedObject, PRIVATE_KEY)
execution.setVariable('unsealed_object', unsealedObject)
This uses the SealedObject class from Java to provide a object wrapper for RSA encryption.
Enjoy!
cross ref:
Encryption of variables in a cloud environment, Data Encryption at Rest, Data encryption in web application - padding method?, Encryption of DB password in the configuration file, Encrypted/hidden variables?, Digitally signed or sealed process task data - #2 by Webcyberrob