Getting decrypted value from Password2 field
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
03-23-2021 10:58 AM
Hi all!
Currently, I'm facing with problem with Password (2 way encrypted), because I'd like to store credentials in Credentials table, and I'm populating that table when my custom table is updated, so I decided to use business rules for that.
Everything works fine, but when I want to get password value and pass into my REST script, I'm not able to decrypt it. I'm working in my custom scope, so I cannot use GlideEncryptor.
There is any chance to decrypt that value in fly or in code?
- Labels:
-
Scripting and Coding
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
03-23-2021 10:20 PM
Hi Dominik
Please find the below link
If it helps please mark helpful or correct
Regards,
Abhishek Chavan
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
03-24-2021 01:20 AM
Hi Abhishek,
It doesn't work for me, when I use gr.<element>.getDecryptedValue() there is still encrypted value.
I also noticed few errors in system logs, it's one of them:
Failure getting key from the KMF. Key ID: 1b87ad2073321010fa4be27bcaf6a730, Error: com.glide.kmf.commons.CryptoOperationException: Error decrypting key bytes, key not present.: com.glide.kmf.commons.CryptoOperationException: Error decrypting key bytes, key not present.: com.glide.kmf.KMFFormattedKeyUnwrappingOperation.decryptKeyBytes(KMFFormattedKeyUnwrappingOperation.java:56)
com.glide.kmf.LocalRegistryWrapper.unwrapKey(LocalRegistryWrapper.java:42)
com.glide.kmf.AKMFKeyRegistry.getKeyById(AKMFKeyRegistry.java:98)
com.glide.kmf.KMFInstanceKeyRegistry.getKeyByType(KMFInstanceKeyRegistry.java:116)
com.glide.kmf.LocalRegistryWrapper.computeHMAC(LocalRegistryWrapper.java:48)
com.glide.kmf.AKMFKeyRegistry.validateHmac(AKMFKeyRegistry.java:371)
com.glide.kmf.KMFModuleKeyRegistry.getKeyById(KMFModuleKeyRegistry.java:149)
com.glide.kmf.KMFModuleKeyRegistry.getKeyByType(KMFModuleKeyRegistry.java:71)
com.glide.kmf.KMFOutputBaseBuilder.getKMFOutputObject(KMFOutputBaseBuilder.java:98)
com.glide.kmf.KMFOutputStringBuilder.apply(KMFOutputStringBuilder.java:22)
com.glide.kmf.KMFGlideEncrypter.encryptUsingParentModule(KMFGlideEncrypter.java:77)
com.glide.kmf.KMFGlideEncrypter.encryptWithFallbackLogic(KMFGlideEncrypter.java:70)
com.glide.kmf.KMFGlideEncrypter.encrypt(KMFGlideEncrypter.java:51)
com.glide.util.Encrypter.encrypt(Encrypter.java:83)
com.glide.script.glide_elements.GlideElementPassword2.setDisplayValue(GlideElementPassword2.java:68)
com.glide.script.ActionRecordList.populateActionRecord(ActionRecordList.java:60)
com.glide.script.ActionValueSetter.setValue(ActionValueSetter.java:403)
com.glide.script.ActionValueSetter.setAllowedValues(ActionValueSetter.java:282)
com.glide.script.ActionValueSetter.setValues(ActionValueSetter.java:201)
com.glide.script.ActionScriptProcessor.processScript(ActionScriptProcessor.java:112)
com.glide.script.Action.process(Action.java:117)
com.glide.ui.RedirectTransaction.invokeAction(RedirectTransaction.java:544)
com.glide.ui.RedirectTransaction.handleActions(RedirectTransaction.java:500)
com.glide.ui.RedirectTransaction.inboundActions(RedirectTransaction.java:336)
com.glide.ui.RedirectTransaction.process(RedirectTransaction.java:199)
com.glide.ui.GlideServletUITransaction.process(GlideServletUITransaction.java:96)
com.glide.processors.AProcessor.runProcessor(AProcessor.java:596)
com.glide.processors.AProcessor.processTransaction(AProcessor.java:266)
com.glide.processors.ProcessorRegistry.process0(ProcessorRegistry.java:181)
com.glide.processors.ProcessorRegistry.process(ProcessorRegistry.java:169)
com.glide.ui.GlideServletTransaction.process(GlideServletTransaction.java:44)
com.glide.sys.Transaction.run(Transaction.java:2338)
java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
java.lang.Thread.run(Thread.java:748)
Regards,
Dominik
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
03-24-2021 03:20 AM
Hi Dominik,
You can try like
Create a new script include in the global context that takes your string value as a parameter and then use GlideEncrypter to do the work for you inside the script include function. You then return the the encrypted value to your calling script. In order to call the new include from a scope application script you can use similar to the following:
var encryptmypwd = new global.myEncrypterInclude(); //Note the global prefix
var encryptedpwd = encryptmypwd.encryptPwd("myrandompasswordstring");
encryptPwd above is the function inside my new script include that uses GlideEncrypter to encrypt for me.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
03-24-2021 03:37 AM
Hi,
Is the password field created in same scope i.e. custom scope?
this should work in scoped application if the field is in same app scope
gr.<element>.getDecryptedValue()
Regards
Ankur
Ankur
✨ Certified Technical Architect || ✨ 9x ServiceNow MVP || ✨ ServiceNow Community Leader
