Asymmetric encryption for data exchange
08-08-2024 04:11 AM
Hi,
Did anyone use the KMF framework for asymmetric encryption? I was not able to configure it, and the SN Docs do not provide a good example or practice.
The idea is to have 2 instances. One of them should be able to decrypt messages from the other.
So what I expect is that one instance has only the public key for encryption, and the other has both; the private key is used for decryption.
What I did:
Created a KMF module on the recipient instance. Specification added: Asymmetric Data Decryption.
It generated a pair of keys, which is what I expected.
I exported the public key in cer format in order to use it on the sender instance.
On the sender instance I created a KMF module with the specification Asymmetric Data Encryption. During creation it asked to import the key, and I did that from the previously exported cer file.
So far it was what I expected.
Then comes the encryption.
I used the code:
var op = new sn_kmf_ns.KMFCryptoOperation("MODULE 1 NAME","ASYMMETRIC_ENCRYPTION")
    .withInputFormat("KMFNONE")
    .withOutputType("STRING");
var cipherText = op.doOperation("hi");
So cipherText contains the encrypted string, which I moved to the recipient instance for decryption.
For decryption I used the code:
var op = new sn_kmf_ns.KMFCryptoOperation("MODULE 2 NAME","ASYMMETRIC_DECRYPTION")
    .withOutputFormat("KMFNONE");
var clearText = op.doOperation(cipherText);
But it failed.
The error is:
Couldn't decipher the stack trace resulting from the following JavaScriptException:
com.glide.kmf.InvalidCryptoModuleOperationException: Could not find module key with sys_id: 756b928747fb06102556aad0516d43a0: org.mozilla.javascript.JavaScriptException: com.glide.kmf.InvalidCryptoModuleOperationException: Could not find module key with sys_id: 756b928747fb06102556aad0516d43a0:
    org.mozilla.javascript.Context.makeJavaScriptException(Context.java:2248)
    org.mozilla.javascript.Context.throwAsScriptRuntimeEx(Context.java:2230)
    org.mozilla.javascript.MemberBox.invoke(MemberBox.java:163)
    org.mozilla.javascript.FunctionObject.doInvoke(FunctionObject.java:717)
    org.mozilla.javascript.FunctionObject.call(FunctionObject.java:654)
    org.mozilla.javascript.ScriptRuntime.doCall(ScriptRuntime.java:2973)
    org.mozilla.javascript.Interpreter.interpretLoop(Interpreter.java:1720)
    org.mozilla.javascript.Interpreter.interpret(Interpreter.java:1030)
The sys_id in the error is the ID of the public key from the recipient instance, and this is confusing because it should have used the private key for decryption. Also, it's strange that the encrypted text contains metadata of ServiceNow entities.
Did anyone face similar tasks, and how were they implemented? Or does anyone know what I did wrong in this scheme or code?
Thank you.
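
The following is an added illustration, not part of the original post and not ServiceNow KMF code: a plain Node.js sketch of why a public-key ciphertext can carry key metadata, and how a lookup by that identifier can fail before any private-key operation runs. The envelope layout (`kid`, `ct`), the key identifiers and the function names are assumptions made for the example; the page does not show how KMF formats its output.

```javascript
// Added illustration in plain Node.js; none of these names come from KMF.
const crypto = require("node:crypto");

// Constructed RSA key pair standing in for the recipient's generated keys.
const { publicKey, privateKey } = crypto.generateKeyPairSync("rsa", { modulusLength: 2048 });
const OAEP = { padding: crypto.constants.RSA_PKCS1_OAEP_PADDING, oaepHash: "sha256" };

// Sender side: encrypt with the public key and tag the result with the
// identifier under which the sender knows that key (hypothetical envelope).
function seal(keyId, pubKey, plaintext) {
  const ct = crypto.publicEncrypt({ key: pubKey, ...OAEP }, Buffer.from(plaintext, "utf8"));
  return JSON.stringify({ kid: keyId, ct: ct.toString("base64") });
}

// Recipient side: the identifier in the envelope selects the private key.
// If it is not in the recipient's keystore, decryption never starts.
function unseal(keystore, envelope) {
  const { kid, ct } = JSON.parse(envelope);
  const priv = keystore.get(kid);
  if (!priv) throw new Error("Could not find key with id: " + kid);
  return crypto
    .privateDecrypt({ key: priv, ...OAEP }, Buffer.from(ct, "base64"))
    .toString("utf8");
}

function demo() {
  // Constructed identifiers: the recipient indexes its private key under one
  // id; a sender that tags the same public key with another id produces a
  // ciphertext the recipient cannot resolve, although the key material matches.
  const keystore = new Map([["recipient-key-id", privateKey]]);
  const matched = unseal(keystore, seal("recipient-key-id", publicKey, "hi"));
  let mismatch = null;
  try {
    unseal(keystore, seal("sender-import-id", publicKey, "hi"));
  } catch (e) {
    mismatch = e.message;
  }
  return { matched, mismatch };
}

console.log(demo());
```
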