We have a requirement to encrypt certain fields in Pega which are sent to interfacing systems. The other system in the integration (non-Pega system) should be able to decrypt those fields on demand by using the algorithm and transformation string that Pega used to encrypt.
We have done the encryption by creating a custom cipher and are able to decrypt within Pega. To decrypt the Pega encrypted data in a Java program using JCE APIs, is there any standard procedure? The generated Java source contains 2 byte arrays and one string variable with some text value.
These variables are being sent to the init method from the constructor. If we know how these variables are used to decrypt, we can try to do the same in a standalone Java program using JCE APIs.
The site specific Cipher implementation logic is Pega Engine code and we cannot divulge Pega proprietary encryption/decryption logic in such code.
The only way I can think of making the Pega cipher decryption API available to external systems is exposing it as a Pega service (for example, as an HTTP or REST service). The Pega service can be backed by a Java step in the service activity rule which delegates the encrypt / decrypt Java API calls to your site specific custom Cipher class. This way your external systems can make HTTP(S) / REST calls to invoke Pega proprietary encryption / decryption as a service.
I hope the above workaround helps your requirement.
The type of Cipher would not make a difference. The logic used by Pega to encrypt / decrypt based on the type of Cipher is the critical piece for your requirement. As I stated, the decryption code/logic cannot be divulged.