In compliance with the customer’s request, we need to implement an integration with a third-party system through REST API calls. The transmitted data must be secured using a dual encryption approach:
- Symmetric encryption: AES algorithm in OFB mode, with a 256-bit symmetric key and Initialization Vector (IV).
- Asymmetric encryption: RSA algorithm with a 2048-bit public key.
We have attempted to create a Script Include to handle the encryption logic; however, we consistently encounter errors such as:
JavaException: java.lang.SecurityException: Illegal attempt to access class 'javax.cryp**.spec.IvParameterSpec' via script: no thrown error
and similar errors related to other Java classes.
We understand that many Java classes are restricted for security reasons. Nevertheless, to ensure proper implementation of the solution, we kindly request that the following classes be unlocked:
- Packages.java.security.SecureRandom
- Packages.javax.cryp**.spec.SecretKeySpec
- Packages.javax.cryp**.spec.IvParameterSpec
- Packages.javax.cryp**.Cipher
- Packages.java.security.spec.X509EncodedKeySpec
- Packages.java.security.KeyFactory
- Packages.java.security.spec.PKCS8EncodedKeySpec
- Packages.java.util.Base64
Is that possible? Or do you know if there is another way to implement the requested functionality?
