Setting encryption policies
Writers with an Encryption Policy property can encrypt files using AES, PGP, or RSA before sending them to the target. The property includes the following sub-properties:
sub-property | type | default value | notes |
|---|---|---|---|
Algorithm | String |
| |
Compress | Boolean | False | If using PGP, optionally set to True to compress the data as .zip using org.bouncycastle.openpgp.PGPCompressedData.ZIP from the Bouncy Castle OpenPGP API before encrypting it. |
Key File Name | String | Name of the key file (do not include the path). For PGP, this must be the public key. For RSA, you may use either the public key (default) or private key, in which case you must set Use Private Key to True. If the key file is encrypted, specify its passphrase in the adapter's Data Encryption Key Passphrase property. | |
Key Location | String | path to the specified key file (must be readable by Striim) | |
Key Size | Long | If the Key Type is RSA, specify the key size, for example, 2048. | |
Key Type | String |
| supported values are AES, PGP, and RSA |
Use Private Key | Boolean | False | For RSA only: With the default value of False, the file specified in Key File Name must be the public key. Set to True if to use the private key file instead. |
For example:
CREATE TARGET EncryptedFileOut using FileWriter(
filename:'EncryptedOutput.txt',
directory:'FileOut',
encryptionpolicy:'
KeyType=PGP,
KeyLocation=/opt/striim/keys,
KeyFileName=myPgp.pub,
Algorithm=PGP'
) ...