Wowza Community

How to encrypt/secure secrets in properties


We extend Wowza using the JAVA API by creating custom modules. As you know, to read some inputs which are required for your business logic in the module, we create custom properties in the application.xml or VHost.xml file.

Currently these property name, value is stored in plaintext which is fine for non-secret properties but for keys such as username, passwords etc, it is not secure to leave them in plaintext.

Is there a way in Wowza to encrypt or secure such properties?

You can add an encrypted or hashed property value, and decrypt it in your custom module.

e.g. (this is sample code, doesn’t necessarily work, only to explain my proposed solution. Google “java encrypt and decrypt” to find many good solutions with working code samples)

String key = "some_secret_key"
String cipherText = Server.getProperties().getPropertyStr("myProp", "")
Cipher cipher = Cipher.getInstance("AES/CFB8/NoPadding");
cipher.init(Cipher.DECRYPT_MODE, key, iv); 
byte[] plainText = cipher.doFinal(cipherText);
return new String(plainText);

to encrypt that value you’d use the pseudo-code below, and write the output as the property value for “myProp”

String key = "some_secret_key"
String input = "my_property_value"
Cipher cipher = Cipher.getInstance("AES/CFB8/NoPadding");
cipher.init(Cipher.ENCRYPT_MODE, key, iv);
return cipher.doFinal(input.getBytes(StandardCharsets.UTF_8));