Wrap/Unwrap

These two endpoint implements the NIST Key Wrapping scheme.

Allowed users

Allowed

Required access scope

keymgmt:use:<KID>

where <KID> is a Key ID as 32 chars hexadecimal string

Wrap

Wrap a message

POST https://my.ence.do/api/crypto/cipher/wrap

Wrap plain message using NIST Key Wrapping scheme.

Headers

Request Body

{
  "wrapped": "ot5cd+SCF6w9dxdjtLnnr96yIMJQWVzb"
}

The key type pointed by ext_kid or represented by pubkey MUST be the same as the kid key type. Otherwise, indirect ECDH will be failed.

Possible alg values

Response data for successful operation

Log entries

Unwrap

Unwarp a message

POST https://my.ence.do/api/crypto/cipher/unwrap

Unwrap encrypted message using the NIST Key Wrapping scheme.

Headers

Request Body

{
  "unwrapped": "SGVsbG9Xb3JsZDAxMjM0NQ=="
}

The key type pointed by ext_kid or represented by pubkey MUST be the same as the kid key type. Otherwise, indirect ECDH will be failed.

Possible alg values

Check the list here.

Response data for successful operation

Log entries

PreviousEncryption/DecryptionNextAudit log

Last updated