I have a project using Talend Open Studio for Data Integration 7.3.1 where passwords are set in context variables set to type 'Password'. When the project is compiled, the password is encrypted in Default.properties.
Two encryption keys are now used by Talend Studio, Talend Administration Center and Talend components to encrypt passwords.
system.encryption.key
: for encrypting properties and nexus passwords.
routine.encryption.key
: for encrypting passwords of generated Jobs.
The default values of these two keys system.encryption.key.v1 and routine.encryption.key.v1 are stored in the encryption key configuration file /configuration/studio.keys, which is created under the installation directory of your Talend Studio after you run the Talend Studio executable file Talend-Studio-linux-gtk-x86_64 for the first time. Below is an example of the newly created studio.keys file.
in the class that encrypt password we can found the following import :
import java.security.SecureRandom;
import javax.crypto.Cipher;
import javax.crypto.SecretKey;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.DESKeySpec;
So it seems to use DES for encryption
we could see it in the code :
Cipher.getInstance("DES")
DES is a block cipher and encrypts data in blocks of size of 64 bit each, means 64 bits of plain text goes as the input to DES, which produces 64 bits of cipher text. The same algorithm and key are used for encryption and decryption, with minor differences. The key length is 56 bits.
Thank you but I've checked in the code window, the password encryption is made in PasswordEncryptUtil and the encryption is in org.talend.daikon.crypto.Encryption which is a jar and code is not accessible tho.
