Encryption and Decryption Using Node Forge

You can now transfer encrypted files to the bank server and decrypt them using Node Forge. You must enable the Encryption feature from the Outbound Configuration page to configure the encryption data. After you provide the encryption details and configure the data, you can send the encrypted files using the manual or scheduled payment file transfer to the bank server. The payment files transferred to the bank server are in encrypted format. The encrypted files can be decrypted using Node Forge.

To encrypt the files:

1. Go to SFTP > SFTP Records >Outbound Configurations.

2. Next to a record, click Edit.

3. On the Outbound Configuration page, click the Encryption box in the Encryption subtab.

4. In the Encryption Method field, select one of the following supported encryption methods:

   • AES 128

   • AES 192

   • AES 256

   Note:

   The passkey file is regenerated when you change the encryption method.

5. In the Passkey Folder ID field, enter the ID of the folder that stores the passkey text file.

   Note:

   The passkey file must be stored with the naming format SFTP Connector Configuration_aes.txt. The passkey file is generated when you change Passkey Folder ID field.

6. In the Passphrase field, enter the passphrase to generate the passkey and IV.

   Note:

   The passkey file is regenerated when you change the Passphrase field.

7. Click Save.

   Note:

   The passkey file is generated as SFTPConnectorConfigurationname_aes.txt file. This passkey file must be shared with your bank or third parties outside NetSuite for decrypting the files at their end.

8. Click the Outbound-Manual or Outbound Schedule button to transfer the encrypted files to the bank server.

Decrypting the Files using Node Forge

The encrypted files must be decrypted using Node Forge to use the payment files transferred to the bank.

Note:

You can also decrypt the files in NetSuite using Decryption Configuration page. For more information, see Setting Up Inbound Configuration Records.

To decrypt files using Node Forge:

1. Download and install Node.js from this link Download Node.js

2. Open cmd and enter npm install node-forge.

   Note:

   You can decrypt multiple files at the same time by using the command node decryption.js filename1 filename2 filename3.

3. Type node decryption.js filename.js. .

   The following is the sample script used for decrypting files

                   //imported fs and node-fore
   var fs = require('fs');
   var forge = require('node-forge');
   ​function decryptFile(filename){
      //opens the file and copies the contents into variable name "Data"
      fs.readFile( __dirname + '/'+filename, function (err, Data) {
        if (err) {
           //throws error when facing issues in reading the file
          throw err; 
        }
        //contents of the file
        console.log(Data.toString());
   ​     var decipher = forge.cipher.createDecipher('AES-CBC', forge.util.decode64(key));
       decipher.start({iv: forge.util.decode64(iv)});
       decipher.update(forge.util.createBuffer((Data.toString())));
       var result = decipher.finish(); // check 'result' for true/false
       // decrypted data
       var decipher_file_contents=decipher.output.data;
   ​    //writing the decrypted file contents back into the same file
       fs.writeFile(__dirname + '/'+filename,forge.util.encodeUtf8(decipher_file_contents),(err) => {
           if (err)
             console.log(err);
           else {
             console.log("File written successfully\n");
             }
         });
   ​   });
   }
   ​//{"key":"AvX9C1Z54t6smSfhMbaSijrz7+vUuB63zNuu2Y/NF6Q=","iv":"sW9R/JlmQhM8E6yidMlUhlN1NJdqkGwQWRyaQ9KyKrU="}
   // 128/192/256 bit Key and IV value which are encoded in base-64 
   var key = "AvX9C1Z54t6smSfhMbaSijrz7+vUuB63zNuu2Y/NF6Q=";
   var iv  = "sW9R/JlmQhM8E6yidMlUhlN1NJdqkGwQWRyaQ9KyKrU=";
   ​// cmd for execution: node decrypt_executor_file.js file_to_decrypt_1.js file_to_decrypt_2.js file_to_decrypt_3.js 
   // execute the above command only in the directory where the files are present. 
   var file_names = process.argv.slice(2);
   // file_names 
   // file_names = [file_to_decrypt_1.js,file_to_decrypt_2.js,file_to_decrypt_3.js]
   ​// opens the file and decrypts the contents using AES-CBC from Node-Forge. 
   // The decrypted file contents are saved back in the same file. 
   for (var i =file_names.length - 1; i >= 0; i--) {
      decryptFile(file_names[i]);
   } 
   
                 

4. Replace the key and IV values in the decryption.js file with the generated values.

You cannot decrypt an already decrypted file as the script text changes and cannot be identified. You can check or clear the Encryption box anytime. The following file formats are supported for encryption:

• .csv

• .txt

• .xml

Related Topics

• SFTP Connector SuiteApp
• Setting Up the SFTP Connector SuiteApp
• Roles and Permissions for SFTP Connector SuiteApp
• SFTP Connector Limitations
• Creating SFTP Connector Folders in NetSuite File Cabinet
• Setting Up Outbound Configuration Records
• Setting Up Inbound Configuration Records
• Setting Up Decryption Configuration Records
• SFTP Connector Error Codes

General Notices