Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add new payload converter sample using jackson-json-crypto #229

Closed
tsurdilo opened this issue Feb 18, 2022 · 4 comments · Fixed by #247
Closed

Add new payload converter sample using jackson-json-crypto #229

tsurdilo opened this issue Feb 18, 2022 · 4 comments · Fixed by #247
Assignees
@tsurdilo
Labels
enhancement New feature or request

Comments

@tsurdilo
Copy link
Contributor

Add new sample for encrypting/decrypting json payloads
that uses jackson-json-crypto module
@tsurdilo tsurdilo added the enhancement New feature or request label Feb 18, 2022
@tsurdilo tsurdilo self-assigned this Feb 18, 2022
@mapoulos
Copy link

mapoulos commented Feb 18, 2022
edited

One thing I noticed: I had very bad performance with the default settings (256 key length). I think it was running the key generation for each decrypt and temporal was complaining about the thread not yielding within a second. Decreasing this down to 128 helped.

@mapoulos
Copy link 

        // overwrite the default mapper to support Java Optional and Encrypting of Sensitive fields
        var objectMapper = new ObjectMapper();
        objectMapper.configure(SerializationFeature.WRITE_DATES_AS_TIMESTAMPS, false);
        objectMapper.registerModule(new JavaTimeModule());
        objectMapper.registerModule(new Jdk8Module());
        objectMapper.setVisibility(PropertyAccessor.FIELD, JsonAutoDetect.Visibility.ANY);

        // It seems like the key derivation at 256 takes a long time, so we reduce it here to 128.
        var passwordCryptoContext = new PasswordCryptoContext(this.encryptionPassword, this.encryptionPassword, "AES/CBC/PKCS5Padding", "PBKDF2WithHmacSHA512", 5000, 128, "AES");
        var encryptionService = new EncryptionService(objectMapper, passwordCryptoContext);
        objectMapper.registerModule(new CryptoModule().addEncryptionService(encryptionService));
        var jacksonJsonPayloadConverter = new JacksonJsonPayloadConverter(objectMapper);

        // override the jackson converter
        var defaultDataConverter = DefaultDataConverter.newDefaultInstance().withPayloadConverterOverrides(jacksonJsonPayloadConverter);

        // instantiate the workflow service, which connects to the temporal cluster
        var serviceOptions = WorkflowServiceStubsOptions.newBuilder()
                .setTarget(target)
                .setEnableHttps(useSSL)
                .build();
        workflowService = WorkflowServiceStubs.newInstance(serviceOptions);

        // instatiate the workflow client, which specifies the temporal namespace
        // and the data converter
        var clientOptions = WorkflowClientOptions
            .newBuilder()
            .setNamespace(namespace)
            .setDataConverter(defaultDataConverter)
            .build();
        workflowClient = WorkflowClient.newInstance(workflowService, clientOptions);

@tsurdilo
Copy link
Contributor Author

@mapoulos thanks for the info!

@tsurdilo
Copy link
Contributor Author

@mapoulos will have to use jackson-json-crypto:1.1.0
cause our samples are built with java 1.8 (jackson-json-crypto after 2.x seems to require java 11) just fyi

@tsurdilo tsurdilo linked a pull request Mar 11, 2022 that will close this issue
Adding Crypto Data Converter Sample #247
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@tsurdilo tsurdilo

Labels
enhancement New feature or request
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Adding Crypto Data Converter Sample tsurdilo/samples-java
2 participants
@tsurdilo @mapoulos