Encryption Method for Passwords in Properties Files


Article ID: 14756


Products

CA Application Test Service Virtualization
CA Continuous Application Insight (PathFinder)

Issue/Introduction


What encryption standards are used for encrypting passwords stored in properties files in DevTest?

Cause

 

N/A

Environment

All supported releases and platforms of DevTest.

Resolution

We use AES/GCM for encryption. We first attempt to use AES-256 by checking what the JVM supports; if the JVM cannot support a key size of 256 or higher, we fall back to either AES-192 or AES-128.

To check what your JVM supports, you could write a Java class that checks the maximum key lengths for various ciphers, including AES.
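One such class, as an added example that is not DevTest code: it prints the listing in the format shown in this article using `Cipher.getMaxAllowedKeyLength`, then picks an AES key size in the 256/192/128 order described above and confirms it with an AES/GCM round trip. The class name, the `selectAesKeySize` helper and the sample plaintext are assumptions made for illustration.

```java
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.spec.GCMParameterSpec;
import java.nio.charset.StandardCharsets;
import java.security.GeneralSecurityException;
import java.security.SecureRandom;
import java.util.Arrays;

// Added example; class and method names are hypothetical, not DevTest code.
public class MaxKeyLengthCheck {
    // Display name -> JCA algorithm name, in the order of the sample output.
    static final String[][] CIPHERS = {
        {"DES", "DES"}, {"Triple DES", "DESede"}, {"AES", "AES"},
        {"Blowfish", "Blowfish"}, {"RSA", "RSA"}
    };

    // Largest of 256/192/128 bits that the JVM policy allows for AES
    // (assumed to mirror the fallback order described in the article).
    static int selectAesKeySize() throws GeneralSecurityException {
        int max = Cipher.getMaxAllowedKeyLength("AES");
        for (int size : new int[] {256, 192, 128}) {
            if (max >= size) return size;
        }
        throw new GeneralSecurityException("No usable AES key size, max is " + max);
    }

    public static void main(String[] args) throws GeneralSecurityException {
        System.out.println("Maximum Allowed Key Length for :");
        for (String[] c : CIPHERS) {
            System.out.println(c[0] + " = " + Cipher.getMaxAllowedKeyLength(c[1]));
        }
        int keySize = selectAesKeySize();
        System.out.println("AES key size selected: " + keySize);

        // Round trip through AES/GCM to confirm the JVM accepts the selected size.
        KeyGenerator kg = KeyGenerator.getInstance("AES");
        kg.init(keySize);
        SecretKey key = kg.generateKey();
        byte[] iv = new byte[12];                 // 96-bit nonce, unique per key
        new SecureRandom().nextBytes(iv);
        byte[] plain = "constructed-sample-password".getBytes(StandardCharsets.UTF_8);
        Cipher enc = Cipher.getInstance("AES/GCM/NoPadding");
        enc.init(Cipher.ENCRYPT_MODE, key, new GCMParameterSpec(128, iv));
        byte[] ct = enc.doFinal(plain);
        Cipher dec = Cipher.getInstance("AES/GCM/NoPadding");
        dec.init(Cipher.DECRYPT_MODE, key, new GCMParameterSpec(128, iv));
        System.out.println("AES/GCM round trip ok: " + Arrays.equals(plain, dec.doFinal(ct)));
    }
}
```

Run it with the same JRE that DevTest uses, since the policy files are installed per JRE.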

If the unlimited JCE policy file has been properly installed in the JRE, the output will look like this. Since the key length is greater than 256, AES-256 would be used:


Maximum Allowed Key Length for : 
DES = 2147483647 
Triple DES = 2147483647 
AES = 2147483647 
Blowfish = 2147483647 
RSA = 2147483647 

On a JRE that does not have the unlimited JCE policy file installed, the output might look like this. Notice that the maximum key length for AES is only 128, which means AES-128 would be used:

Maximum Allowed Key Length for : 
DES = 64 
Triple DES = 128 
AES = 128 
Blowfish = 128 
RSA = 2147483647