Unable to Unwrap AES Key Using RSA Private Key with KMF API

OmkarC
Tera Guru

3 weeks ago

Hi Community,

I am trying to unwrap an AES key that was wrapped using an RSA public key, and I want to unwrap it in ServiceNow using the corresponding RSA private key via the KMF (Key Management Framework) API.

I attempted the following approach using KMFCryptoOperation, but I keep running into different errors (depending on the configuration), and I’m not able to successfully retrieve the unwrapped AES key.

var unwrapOp = new sn_kmf_ns.KMFCryptoOperation(
    cryptoModuleName,
    "ASYMMETRIC_UNWRAPPING"
)
    .withAlgorithm("RSA")
    .withInputFormat("BASE64")
    .withOutputFormat("BASE64");

var unwrappedKeyBase64 = unwrapOp.doOperation(encryptedData);

I want to unwrap (decrypt) the AES key using the KMF API and then need to use this AES key for decrypting the actual encrypted data. But I’m unsure if ASYMMETRIC_UNWRAPPING is the correct operation for this use case


Has anyone successfully implemented RSA-based key unwrapping in ServiceNow using the KMF API?
Any guidance, working examples, or best practices would be greatly appreciated.

Thanks in advance for your help!

Regards,
Omkar

0 Helpfuls
  • 322 Views
2 REPLIES 2

Tanushree Maiti
Kilo Patron

3 weeks ago

Hi @OmkarC 

 

Try the sample code available in SN doc:

https://www.servicenow.com/docs/r/zurich/api-reference/server-api-reference/KMFCryptoOperationBothAP...

 

Please mark this response as Helpful & Accept it as solution if it assisted you with your question.
Regards
Tanushree Maiti
ServiceNow Technical Architect
Linkedin:

OmkarC
Tera Guru
In response to Tanushree Maiti

2 weeks ago

Hi  @Tanushree Maiti ,

First of all, thank you for sharing the documentation link. However, I could not find the exact sample code for the ASYMMETRIC_UNWRAPPING operation that I was looking for.

Could you please share sample code if you have any or any other documentation link?

Regards,
Omkar
0 Helpfuls