IBM Support

Encrypting and Decrypting passwords in Yantra properties files

Troubleshooting


Problem

Encrypting and Decrypting passwords in Yantra properties files

Symptom

Can we encrypt and decrypt passwords in our properties file like yfs.properties, yifclient.properties etc. like we do the credit card numbers?

Cause

Resolving The Problem

Yes, you can encrypt and decrypt passwords in Yantra for the yfs.properties, yifclient.properties etc.
Information regarding this is given in the Application Development guide under section 8.7.3. The information regarding encryption of passwords is appended below.

8-42 Application Development Guide

8.7.3 Data Encryption
Encryption ensures that sensitive data is not viewed by unauthorized people. Yantra provides APIs that enable you to encrypt data such as user names, passwords, and credit card numbers. In addition, encryption and decryption is only applied after it has been specified within the Configurator. For example, only user exits that have been passed credit card information can access decrypted credit card numbers.

8.7.4 Encryption Logic in Yantra
Yantra exposes the com.yantra.ycp.japi.util.YCPEncrypter interface to handle encryption logic. All of Yantra's encryption and decryption is handled by an encrypter class that implements this interface. This class is specified by the yfs.encrypter.class and yfs.propertyencrypter.class properties in the yfs.properties file. Both classes must implement the com.yantra.ycp.japi.util.YCPEncrypter interface. The com.yantra.ycp.japi.util.YCPEncrypter interface has the following two functions:
public java.lang.String encrypt(java.lang.String sData) - sData is the data passed by Yantra to the implementing class for encryption. The return value is the encrypted string.
public java.lang.String decrypt(java.lang.String sData) - sData is the data which is required to be decrypted.
For information on writing your own property encrypter class, see the YCPEncrypter interface in the Yantra 5x Javadocs.
Encryption and decryption functions in this interface are invoked multiple times by Yantra. Yantra does not distinguish between clear text and encrypted information. Therefore, the encrypt function may be invoked with previously encrypted data. In order to avoid double encryption, it is important for the encrypt function to be able to distinguish between clear text and previously encrypted information. If previously encrypted information is passed to the function, your implementation of this function should return what is passed into it without encrypting it again.
The decrypt function also should be able to distinguish between clear text and previously encrypted text.

8.7.5 Disabling Encryption and Decryption
To disable encryption (or decryption), implement the encrypt (or decrypt) function to return the same value it is passed as input without any processing.

8.7.6 Choosing a Deployment Strategy
There are multiple deployment options when choosing an encryption strategy. The most typical options are:
No encryption or decryption
Both encryption and decryption
No decryption
Use the following explanation to guide your decision-making process:
No Encryption or Decryption
If you operate in a secure and trusted environment which is protected physically and electronically and you do not display credit card numbers on the Yantra Application Consoles, you may choose not to implement any encryption logic. Credit Card numbers are not encrypted in this case and are stored in clear text. This is not a recommended option except in the following scenarios:
Your business does not accept, process, or store credit card numbers or other sensitive information.
Yantra is always passed externally encrypted credit card numbers. All encryption and decryption is handled externally.
Both Encryption and Decryption
Yantra encrypts and decrypts credit card numbers automatically as required. Access to clear text credit card numbers is available on the Yantra Application Consoles based on user authorization levels.
No Decryption
If your business requires Yantra to store credit card numbers, but you never want Yantra to automatically decrypt them under any circumstances, you may want to enable only the encrypt function and disable the decrypt function. This way, Yantra encrypts credit card numbers passed in as clear text but never converts them back. Once Yantra encrypts the information, all your custom extensions are passed encrypted credit card numbers and must handle decryption externally. It is important to note that a few user exits in Yantra (for example, YFSbeforeCreateOrderUE) are invoked before the credit card number is encrypted, so they still have access to the clear text number.

8.7.7 Encryption Usage in Yantra
Yantra supports encryption for the following places:
Properties specified in the yfs.properties, yif.properties, management.properties files
Credit Card Numbers
Properties Specified in the yfs.properties File
Properties such as the JDBC URL, database User ID and Password can be stored encrypted in the yfs.properties file. Because Yantra needs this information to connect to the database, these values must be decrypted by Yantra. If you do not wish Yantra to ever decrypt data, these properties cannot be stored encrypted.
Credit Card Numbers
Yantra can encrypt Credit Card numbers before storing them in the database. Unlike the properties specified in the yfs.properties file, decrypted credit card numbers are never required by Yantra for default processing. However, you may extend Yantra by implementing a user exit that requires decrypted credit card numbers for charging or storing user preferences. If you don't want Yantra to decrypt information automatically, you must decrypt these credit card numbers in your implementation of the user exit.

8.7.8 Encryption Algorithm
Yantra provides a default encryption algorithm as an implementation of this interface. This default is a proprietary and simplistic key-based encryption algorithm. If you need greater assurance of data privacy, Yantra recommends that you implement a more robust standard encryption algorithm for use with Yantra rather than the default provided with the product.

8.7.10 Encrypting Properties
Some properties relay sensitive data such as user IDs and passwords, which you may want to encrypt. Any property (except for the yfs.propertyencrypter.class property in the yfs.properties file) can be encrypted as needed within the following files:
yfs.properties
yif.properties
management.properties
To encrypt properties
When encrypting properties, you need to:
1. Append the property you want to encrypt with ".encrypted". Note that you cannot encrypt the yfs.propertyencrypter.class property.
2. Ensure that the yfs.propertyencrypter.class property is accessible through the CLASSPATH environment variable.
3. Implement the YCPEncrypter interface. For details about this interface, see the Yantra 5x Javadocs.
These properties ending with .encrypted are automatically decrypted at runtime.


Historical Number

PRI49521


Document Information

Modified date:
16 June 2018

UID

swg21539763