Wrap/Unwrap
These two endpoint implements the NIST Key Wrapping scheme.
Allowed users
Allowed
Required access scope
keymgmt:use:<KID>
where <KID> is a Key ID as 32 chars hexadecimal string
Wrap
Wrap a message
POST https://my.ence.do/api/crypto/cipher/wrap
Wrap plain message using NIST Key Wrapping scheme.
Headers
Authorization*
String
Bearer JWT_TOKEN
Content-Type*
String
application/json
Request Body
alg
String
Algorithm to use (e.g. AES256)
ext_kid
String
External Key ID, 32 chars hex string
kid*
String
Key ID, 32 chars hex string
msg*
String
Data message to wrap
pubkey
String
Base64 encoded external public key
ctx
String
Additional context data (HKDF argument)
iv
String
Optional IV data
{
"wrapped": "ot5cd+SCF6w9dxdjtLnnr96yIMJQWVzb"
}Possible alg values
alg valuesAES128
Regard to NIST SP 800-38F
AES192
Regard to NIST SP 800-38F
AES256
Regard to NIST SP 800-38F
Response data for successful operation
wrapped
String
Base64 encoded wraped data
Log entries
LOG_TYPE_FAILED_SCOPE_CHECK
LOG_RESULT_FAILED
403
LOG_TYPE_CRYPTO_WRAP
LOG_RESULT_ERROR
400
LOG_TYPE_CRYPTO_WRAP
LOG_RESULT_FAILED
406
LOG_TYPE_CRYPTO_WRAP
LOG_RESULT_OK
200
Unwrap
Unwarp a message
POST https://my.ence.do/api/crypto/cipher/unwrap
Unwrap encrypted message using the NIST Key Wrapping scheme.
Headers
Authorization*
String
Bearer JWT_TOKEN
Content-Type*
String
application/json
Request Body
alg
String
Algorithm to use (e.g. AES256)
ext_kid
String
External Key ID, 32 chars hex string
iv
String
Ciphertext IV
kid*
String
Key ID, 32 chars hex string
msg*
String
Data message to unwrap
pubkey
String
Base64 encoded external public key
ctx
String
Additional context data (HKDF argument)
{
"unwrapped": "SGVsbG9Xb3JsZDAxMjM0NQ=="
}Possible alg values
alg valuesCheck the list here.
Response data for successful operation
unwrapped
String
Base64 encoded unwraped data
Log entries
LOG_TYPE_FAILED_SCOPE_CHECK
LOG_RESULT_FAILED
403
LOG_TYPE_CRYPTO_UNWRAP
LOG_RESULT_ERROR
400
LOG_TYPE_CRYPTO_UNWRAP
LOG_RESULT_FAILED
406
LOG_TYPE_CRYPTO_UNWRAP
LOG_RESULT_OK
200
Last updated