Overview

The wrapper.cipher.<n>.* properties are used to configure encoding methods (encryption or obfuscation) which can be used to conceals your passwords or sensitive data.

Each index is identified with a name (using the wrapper.cipher.<n>.name property) and groups several properties that describe an encoding. The wrapper.cipher.<n>.name property is also linked to one or more encoding token(s) with the name written after the vertical bar (%...|<cipher_name>%).

注意

wrapper.cipher.<n>.* configuration can be automatically generated when a text is encoded with the --encoding command. Please read this page to learn how to use the --encoding command.

The following properties are available:

<n> component:

Each element has a property name which starts with "wrapper.cipher." and the "<n>" component of the property name is an integer number counting up from "1". By default the numbering should be in sequence without gaps". The wrapper.ignore_sequence_gaps property can optionally be set to allow gaps in the sequence.

wrapper.cipher.<n>.name Property
対応バージョン :3.6.0
対応エディション :プロフェッショナル版スタンダード版コミュニティー版 (未対応)
対応プラットフォーム :WindowsMac OSXLinuxIBM AIXFreeBSDHP-UXSolarisIBM z/Linux

This property specifies a name which must be unique among all indexes. A name must consist of alphanumeric characters or hyphens or underscores. In addition, the name cannot be one of the encoding method names (i.e. "mask", "base64", "base64url", "obf" or "robf") as they already are refer to default encoding configurations that cannot be changed and should not be written to the configuration file.

When specifying a private key file, this property is required to create an encoding definition that can then be used by encoded tokens. However this property can also be used to simply specify an alias for an encoding.

Example: 
wrapper.cipher.1.name=r
wrapper.cipher.1.method=robf

# 'r' now refers to 'robf' and can be used after the vertical bar in encoded tokens:
wrapper.app.property.1=-Dmysecret=%5LF8WKKKnaOnCtwdGkK4aq|r%

wrapper.cipher.<n>.method Property
対応バージョン :3.6.0
対応エディション :プロフェッショナル版スタンダード版コミュニティー版 (未対応)
対応プラットフォーム :WindowsMac OSXLinuxIBM AIXFreeBSDHP-UXSolarisIBM z/Linux

This property specifies the method to use to encode your passwords or data.

The following methods are available:

  • [mask] : with this method the text will be written in clear text, but will be masked with asterisks ('*') in your log files

  • [base64] : standard base64 encoding

  • [base64url] : modified Base64 for URLs ('+' replaced by '-', '/' replaced by '_')

  • [obf] : proprietary obfuscation method (the same input will always generate the same output)

  • [robf] : proprietary reandomized obfuscation method (the same input will generate randomized outputs, which makes it stronger against cryptanalysis)

wrapper.cipher.<n>.private_keyfile Property
対応バージョン :3.6.0
対応エディション :プロフェッショナル版スタンダード版コミュニティー版 (未対応)
対応プラットフォーム :WindowsMac OSXLinuxIBM AIXFreeBSDHP-UXSolarisIBM z/Linux

This property specifies the path to a private key file for methods that can use a private key ("obf" and "robf"). The value can be an absolute path or a path relative to the working directory.

The wrapper.cipher.<n>.private_keyfile property must be defined together with the name and method.

Example: 
wrapper.cipher.1.name=r1
wrapper.cipher.1.method=robf
wrapper.cipher.1.private_keyfile=../conf/secure/r1.key

注意

The --keygen command can be used to generate private keys. Please read this section for details.

警告

It is very important to store your key in a secure folder and to limit permissions granted to the bare minimum. Usually only the user running the Wrapper should be allowed to access it.

Please read this page to learn how to adjust the permissions of your private key.

参照: セキュリティ

暗号設定:

セキュアファイル:

コマンド: