IEncryptionKey

posted Nov 27, 2018, 2:15 PM by Eric Patrick
The qbo.Application module has been extended to support an IEncryptionKey interface and associated configuration. The Credential class has been extended to leverage the IEncryptionKey settings to symmetrically encrypt or decrypt Credential.Password.  The Credential behavior is:
  • If no EncryptionKey is configured, serialization of Credential will include Password in clear text.
  • If any EncryptionKey is configured, serialization of Credential will include EncryptedPassword (symmetrically encrypted Password), and not include Password.
This means that the Credential when persisted to ConfigurationEntry will contain an EncryptedPassword string that must be decrypted with the same key used to encrypt the Password.

The qbo.Encryption.Amazon (found in the qbo.Amazon solution) can be used to leverage an AWS KMS key for encryption and decryption.
Comments