Leena Encryption
Overview
The Leena Encryption connector enables your Leena AI Agents to perform secure data encryption and decryption operations within your workflows, ensuring sensitive information is protected using industry-standard cryptographic methods.
Leena Encryption is a built-in security service that provides end-to-end encryption and decryption capabilities using both symmetric (AES) and asymmetric (OpenPGP) cryptographic methods. This connector allows Leena AI to protect confidential documents, secure PII data, encrypt API credentials, and decrypt sensitive information from external partners.
Key Features
- Symmetric Encryption (AES): Uses a single secret key for both encryption and decryption, ideal for internal data protection
- Asymmetric Encryption (OpenPGP): Uses public/private key pairs for secure data exchange with external partners
- Flexible Input/Output: Supports files, strings, and JSON data formats
- Multiple Output Formats: Returns encrypted/decrypted data as strings, files, or JSON objects
Setup
The Leena Encryption connector uses either Symmetric Authentication (AES) or Asymmetric Authentication (OpenPGP) based on your security requirements.
Prerequisites
Before setting up the Leena Encryption connector, ensure you have:
- Access to your Leena AI workspace with connector management permissions
- For Symmetric encryption: A secure secret key (Base64 encoded)
- For Asymmetric encryption: OpenPGP public key (for encryption) and/or private key (for decryption)
Add connection
Here is how to add a connection on Leena AI:
- Log in to your Leena AI workspace
- Navigate to Settings > Integrations
- Search for "Leena Encryption" and select it from the list to add its new connector
- Select the Auth Type based on your encryption needs:
Symmetric Authentication (AES)
For symmetric encryption, configure the following:
| Name | Description |
|---|---|
| Secret Key | The secret key used for encryption and decryption (Base64 encoded) |
| Encryption Algorithm | The AES algorithm to use. Options: AES-256-CBC, AES-192-CBC, AES-128-CBC, AES-256-GCM, AES-192-GCM, AES-128-GCM |
| Initialization Vector (IV) (Optional) | Optional initialization vector for encryption (Base64 encoded). If not provided, a random IV is generated |
Asymmetric Authentication (OpenPGP)
For asymmetric encryption, configure the following:
| Name | Description |
|---|---|
| Public Key | The OpenPGP public key for encryption (required for encryption operations) |
| Private Key | The OpenPGP private key for decryption (required for decryption operations) |
| Passphrase (Optional) | Passphrase to unlock the private key if it is password-protected |
- Save the connection configuration
Actions
The following actions are supported for the Leena Encryption connector:
Encrypt Data
Encrypts data using either symmetric (AES) or asymmetric (OpenPGP) encryption methods. The Agent can leverage the skill (workflow), which has been designed to encrypt sensitive data, once the user provides the data to be protected.
Input Parameters
Here are the input parameters required to set up this action:
Mandatory
| Name | Description |
|---|---|
| Encryption Type | The encryption method to use. Options: Symmetric (Crypto), Asymmetric (OpenPGP) |
| Input Type | The format of the input data. Options: File, String, JSON |
Optional
Name | Description |
|---|---|
File URL? | Toggle to specify if the file input is from a URL (applicable when Input Type is File) |
File URL | The URL to fetch the file from (applicable when File URL? is enabled) |
File | Upload the file to encrypt (applicable when Input Type is File and File URL? is disabled) |
String Data | The string data to encrypt (applicable when Input Type is String) |
JSON Data | The JSON data to encrypt (applicable when Input Type is JSON) |
Output Format | The format for the encrypted output. Options:
|
File Name | The name for the output file (applicable when Output Format is File and Encryption Type is Asymmetric). Leave blank for auto-generated .pgp filename |
Generate Salt? | Toggle to generate a salt for enhanced key derivation security (Symmetric encryption only) |
Iterations | Number of iterations for PBKDF2 key derivation (applicable when Generate Salt? is enabled). Default: 65536 |
Key Length | Length of the derived key in bytes (applicable when Generate Salt? is enabled). Default: 32 |
Here is a sample JSON input:
//Symmetric Encryption - String Input
{
"encryptionType": "symmetric",
"inputType": "string",
"stringData": "This is sensitive data that needs to be encrypted",
"outputFormat": "json"
}
//Symmetric Encryption - With Salt Generation
{
"encryptionType": "symmetric",
"inputType": "string",
"stringData": "Confidential employee information",
"outputFormat": "string",
"generateSalt": true,
"iterations": 65536,
"keyLength": 32
}
//Asymmetric Encryption - File from URL
{
"encryptionType": "asymmetric",
"inputType": "file",
"useFileUrl": true,
"fileUrl": "https://example.com/sensitive-document.pdf",
"outputFormat": "file",
"outputFileName": "encrypted-document.pgp"
}
//Symmetric Encryption - JSON Input
{
"encryptionType": "symmetric",
"inputType": "code",
"jsonData": {
"employeeId": "EMP001",
"ssn": "123-45-6789",
"salary": 75000
},
"outputFormat": "json"
}Response
Upon successful encryption, the action returns:
For String output:
encryptedMessage: The encrypted data as a string
For JSON output (Symmetric only):
iv: Initialization vector (Base64 encoded)encryptedData: The encrypted payload (Base64 encoded)algorithm: The encryption algorithm usedauthTag: Authentication tag for GCM modes (Base64 encoded)salt: Salt value if salt generation was enabled (Base64 encoded)
For File output:
- File attachment details including URL to the uploaded encrypted file
Decrypt Data
Decrypts data that was previously encrypted using symmetric (AES) or asymmetric (OpenPGP) methods. The Agent can leverage the skill (workflow), which has been designed to decrypt protected data, once the user provides the encrypted content.
Input Parameters
Here are the input parameters required to set up this action:
Mandatory
| Name | Description |
|---|---|
| Encryption Type | The decryption method to use. Options: Symmetric (Crypto), Asymmetric (OpenPGP) |
| Return Format | The format for the decrypted output. Options: String, File, JSON |
Optional - Asymmetric Decryption
| Name | Description |
|---|---|
| Input Type | Source of encrypted data. Options: Encrypted String, URL |
| Encrypted Message | The encrypted PGP message (applicable when Input Type is Encrypted String) |
| URL | URL to fetch the encrypted file from (applicable when Input Type is URL) |
Optional - Symmetric Decryption
| Name | Description |
|---|---|
| IV (Initialization Vector) | The initialization vector used during encryption (Base64 encoded) |
| Encrypted Data | The encrypted payload to decrypt (Base64 encoded) |
| Algorithm | The encryption algorithm used (e.g., aes-256-gcm) |
| Auth Tag (Optional for non-GCM modes) | The authentication tag for GCM mode decryption (Base64 encoded) |
| Secret Key | Override the connection's secret key with a different key for decryption |
| Add Salt? | Toggle if the encryption used salt-based key derivation |
| Salt | The salt value used during encryption (applicable when Add Salt? is enabled) |
| Iterations | Number of PBKDF2 iterations used during encryption (applicable when Add Salt? is enabled) |
| Key Length | Length of the derived key in bytes (applicable when Add Salt? is enabled) |
Optional - Common
| Name | Description |
|---|---|
| File Name | The name for the output file (applicable when Return Format is File) |
Here is a sample JSON input:
//Symmetric Decryption - Basic
{
"encryptionType": "symmetric",
"iv": "abc123base64encodediv==",
"encryptedData": "xyz789base64encodeddata==",
"algorithm": "aes-256-gcm",
"authTag": "def456base64encodedtag==",
"outputFormat": "string"
}
//Symmetric Decryption - With Salt
{
"encryptionType": "symmetric",
"iv": "abc123base64encodediv==",
"encryptedData": "xyz789base64encodeddata==",
"algorithm": "aes-256-gcm",
"authTag": "def456base64encodedtag==",
"addSalt": true,
"salt": "ghi789base64encodedsalt==",
"iterations": 65536,
"keyLength": 32,
"outputFormat": "json"
}
//Asymmetric Decryption - Direct Input
{
"encryptionType": "asymmetric",
"inputType": "direct",
"encryptedMessage": "-----BEGIN PGP MESSAGE-----\n...\n-----END PGP MESSAGE-----",
"outputFormat": "string"
}
//Asymmetric Decryption - From URL
{
"encryptionType": "asymmetric",
"inputType": "url",
"encryptedMessageUrl": "https://example.com/encrypted-file.pgp",
"outputFormat": "file",
"fileName": "decrypted-document.pdf"
}
//Decrypt to JSON
{
"encryptionType": "symmetric",
"iv": "abc123base64encodediv==",
"encryptedData": "xyz789base64encodeddata==",
"algorithm": "aes-256-cbc",
"outputFormat": "json"
}Response
Upon successful decryption, the action returns:
For String output:
decryptedFileData: The decrypted data as a string
For JSON output:
decryptedFileData: The decrypted data parsed as a JSON object
For File output:
- File attachment details including URL to the uploaded decrypted file
Updated 2 days ago