How to Implement AES-256 Encryption

0
I m using mendix 10.24 . I am creating an api and wanted encrypt the sensative data using AES256 algo. How can i do it. when I am searhing encryption in market place its showing only PGP. Please let me know how can i do it
asked
1 answers
0

For AES-256 encryption in Mendix 10.24, you don't necessarily need a Marketplace module. You can implement it using a custom Java Action.

A common approach is:

  • Create a Java Action for encryption/decryption
  • Use Java's built-in javax.crypto library
  • Keep the AES key securely (preferably not hardcoded)
  • Use a salt/IV for generating the cipher

Example approach:

AES/CBC/PKCS5Padding

or preferably:

AES/GCM/NoPadding

(GCM provides both encryption and integrity checking.)

The flow would be:

Mendix API

→ Microflow

→ Java Action (Encrypt)

→ Return encrypted value

For the key:

  • Do not generate/store it dynamically every time
  • Store it securely using a Constant (or external secret manager if available)
  • Pass salt/IV as input or generate a unique IV per encryption

For example:

Key + Salt/IV
      |
      ↓
AES-256 Cipher
      |
      ↓
Encrypted Base64 string

Then create another Java Action for decryption using the same key and IV.

The PGP modules in Marketplace are mainly for public/private key encryption. AES is symmetric encryption, so custom Java implementation is usually the cleaner option.

Also, avoid using the same static IV for every encryption. Generate a new IV for every encrypted value and store/transmit it along with the encrypted data.

Kindly mark this as the accepted answer if it helps.

answered