Your suggested change has been received. Thank you.

close

Suggest A Change

https://thales.na.market.dpondemand.io/docs/dpod/services/kmo….

Thales Logo

All

  • All
back

Session Oriented APIS

Session_WrapKey

search

Please Note:

Session_WrapKey

This API wraps key.

URL

./Session_WrapKey

Input Parameters

ParametersDescription
keyNameName of the key to be wrapped.
keyUseForWrapKey to be used for wrapping.
wrapFormatPaddingPadding format to be used for wrapping the key. This is an optional parameter. It is used for PKCS#1v2.1 and one of the following padding is used: SHA256, SHA384, and SHA512.

Sample SOAP Parameters

    <prot:Session_WrapKey>
        <keyName>AESKey</keyName>
        <keyUseForWrap>RSAKey</keyUseForWrap>
        <!--Optional:-->
        <wrapFormatPadding>SHA256</wrapFormatPadding>
    </prot:Session_WrapKey>

Output

Wrap key bytes.

   <ns2: Session_WrapKeyResponse xmlns:ns2="http://dsws.org/protectappws/">36E409F7993906344FA0DC560475086F485163857ACD41752651ACDF236BDDE73F9859CBF42A744D27603F5869D3DBD29C97005B973517DB76761AF8915D0B13</ns2: Session_WrapKeyResponse>

Note

cxf-manifest.jar should be included in the Java client build path while calling Session_WrapKey web services.

Unwrap Key using OpenSSL

  1. The Session_WrapKey API generates output in hex format. To unwrap the key, convert it into byte array and then write the Base64 encoded wrapped key to file as shown here.

    String wrappedKeytxt=<hexdata>;
byte[] wrappedKey =IngrianProvider.hex2ByteArray(wrappedKeytxt);
Base64.encodeToFile(wrappedKey, <filePathWhereBase64EncodedWrappedKeyIsWritten>);

  2. Based on the padding scheme, run the following command.

    openssl enc -in <filePathWhereBase64EncodedWrappedKeyIsWritten> -out <filepathForbinarytext> -d -a
openssl rsautl -decrypt -in <filepathForbinarytext> -out <filePathToUnwrappedKey> -inkey <pemFilePathToPrivKey>

    openssl enc -in <filePathWhereBase64EncodedWrappedKeyIsWritten> -out <filepathForbinarytext> -d -a 
openssl pkeyutl -decrypt -inkey <pemFilePathToPrivKey> -in <filepathForbinarytext> -out <filePathToUnwrappedKey> -pkeyopt rsa_padding_mode:oaep -pkeyopt rsa_oaep_md:sha256 -pkeyopt rsa_mgf1_md:sha256

  3. Read the unwrapped key bytes from the file. Convert the byte array into hex format as shown here.

    byte keyArr[]=Files.readAllBytes(Paths.get(<filePathToUnwrappedKey>);
String unwrappedKey= IngrianProvider.byteArray2Hex(keyArr));

On this page