Hi Community,
I am trying to unwrap an AES key that was wrapped using an RSA public key, and I want to unwrap it in ServiceNow using the corresponding RSA private key via the KMF (Key Management Framework) API.
I attempted the following approach using KMFCryptoOperation, but I keep running into different errors (depending on the configuration), and I’m not able to successfully retrieve the unwrapped AES key.
var unwrapOp = new sn_kmf_ns.KMFCryptoOperation(
cryptoModuleName,
"ASYMMETRIC_UNWRAPPING"
)
.withAlgorithm("RSA")
.withInputFormat("BASE64")
.withOutputFormat("BASE64");
var unwrappedKeyBase64 = unwrapOp.doOperation(encryptedData);
I want to unwrap (decrypt) the AES key using the KMF API and then need to use this AES key for decrypting the actual encrypted data. But I’m unsure if ASYMMETRIC_UNWRAPPING is the correct operation for this use case
Has anyone successfully implemented RSA-based key unwrapping in ServiceNow using the KMF API?
Any guidance, working examples, or best practices would be greatly appreciated.
Thanks in advance for your help!
Regards,
Omkar
