How to set encryption context in script

pneuvil1 · ‎04-11-2022

How do you set your encryption context in a script. We have a couple of contexts available in sys_encryption_context.

I want to choose one of them before using the GlideEncrypter object.

Example

var a = new GlideRecord ('sys_encryption_context);
a.get ('name', 'my context')
callSomethingToSetContext(a.sys_id)
var x = new GlideEncrypter();
y = x.encrypt();
or 
y = x.decrypt();

DrewW · ‎04-11-2022

GlideEncrypter does not support encryption contexts, just a string to use as a key.

https://docs.servicenow.com/en-US/bundle/sandiego-application-development/page/app-store/dev_portal/API_reference/GlideEncrypter/concept/GlideEncrypterAPI.html

Have you looked at this?

https://docs.servicenow.com/bundle/rome-platform-administration/page/administer/encryption/task/t_EncryptionContextSetup.html

pneuvil1 · ‎04-11-2022

Yes, I've looked at both of those documents.

I need to encrypt some text in a script based on the encryption context currently set. and I need to set that context prior to encryption or decryption.

Any way of doing that?

DrewW · ‎04-11-2022

Is this a one time thing?

If so you could assign both contexts to yourself then run a background script that reads the data out of the field, sets the field to NULL, updates the record then sets the value back and updates it again. That will cause what ever encryption context you have selected to be used.

At one point I saw a script that could change out the encryption context for attachments but I cannot find it but I think it did something with the encryption_context field.

pneuvil1 · ‎04-11-2022

I saw in your code the ability to set the encryption context in attachment processing only.

I was hoping for something like that.

What encryption mechanism does GlideEncrypter use if not one of the encryption contexts available in sys_encryption_context?

How would one even encrypt some text using the current context if GlideEncrypter does not use your currently set context?