Encryption Method for Passwords in Properties Files

Document ID : KB000014756
Last Modified Date : 14/02/2018
Show Technical Document Details
Introduction:

Encryption Method for Passwords in Properties Files

Question:

What encryption standards are used for encrypting passwords stored in property files in CA DEVTEST. 

Environment:
All supported DEVTEST environments
Answer:

We use AES/GCM mechanism for encryption. At first we attempt to use AES-256  by checking what the JVM supports, and if it can't support a key size of 256 or higher, then it falls back to either AES-192 or AES-128. 

 

 

To check what your JVM supports, you could write a Java class that checks the maximum key lengths for various ciphers, including AES

If the unlimited JCE policy file has been properly installed in the JRE, the output will look like this and since the key length is greater than 256, AES-256 would be used: 


Maximum Allowed Key Length for : 
DES = 2147483647 
Triple DES = 2147483647 
AES = 2147483647 
Blowfish = 2147483647 
RSA = 2147483647 

On a JRE that does not have the unlimited JCE policy file installed, the output might be this - notice that the maximum key length for AES is only 128, which means AES-128 would be used: 

Maximum Allowed Key Length for : 
DES = 64 
Triple DES = 128 
AES = 128 
Blowfish = 128 
RSA = 2147483647