DataPower

  • 1.  dp:decrypt-key in Gateway Script

    Posted Mon July 06, 2020 11:49 AM
    Hi

    I have tried using the dp:decrypt-key function with an RSA AES encrypted key.
    As per the client requirement, it has to be decoded first and then the AES key decrypted.

    1. Used dp:decode and also the dp:binary-code function. It always complains: not valid base64 content
    2. dp:decrypt-key always gives me: rsa decryption failed

    I have used the same encrypted AES key in NodeJS, and I am able to decrypt it successfully.
    I have passed the encrypted AES key as a Buffer object to the privateDecrypt function.


    Do we have any dp:decrypt-key function in Gateway Script?


    ------------------------------
    santhosh
    ------------------------------


  • 2.  RE: dp:decrypt-key in Gateway Script

    Posted Tue July 07, 2020 03:43 AM

    Hi,

    > Do we have any dp:decrypt-key function in Gateway Script?

    No, but you can use all XSLT extension functions in GatewayScript by using transform.xslt() and calling out to a stylesheet.

    In case you cannot resolve the dp:decrypt-key issue, please create a support ticket and provide needed information (sample message, config export, what you want to happen, ...)



    ------------------------------
    Hermann Stamm-Wilbrandt
    Compiler Level 3 support & Fixpack team lead
    IBM DataPower Gateways (⬚ᵈᵃᵗᵃ / ⣏⠆⡮⡆⢹⠁⡮⡆⡯⠂⢎⠆⡧⡇⣟⡃⡿⡃)
    https://stamm-wilbrandt.de/en/blog/
    ------------------------------



  • 3.  RE: dp:decrypt-key in Gateway Script

    Posted Tue July 07, 2020 10:12 AM
    Edited by santhosh yelimineti Tue July 07, 2020 10:13 AM
    Thanks for the reply Hermann

    Below is the process for decrypting the data for this AES encrypted key:

    1. Decode the base64 data of the AES encrypted key
    2. Decrypt the AES encrypted key with the RSA keys


    When I decode the base64 data, I get decoded data like below:

    )톦&÷è¬në=ô¤„ÆÃÓeôÞ«ôžÞøK^.Qu3XøwwœœP%úV
    "|wÿ̱§V®çüMX=O¦žŒ¦ÝþZãl_Z¹¦CÈEš"è9¡1rgâ¹÷ç7aÛx*;Li"eŠül‚Dò»ÆÝCmò«‘)”6 óºúÌûšÕ¶+¨œÀÅÚ¢%Y8 $|Má¶«eÉØKž.ÿå`«_õA™pÐê,8–ÀùüSp‡µÛŸè%”¼ßLsUäš]Ä�—ú¾–R0sݽál÷ª�%J
    6‚SUE·eÕ6K;²sÛ×ùZ!->¿ÓÞñý#Ò:¶ŠË±W


    Since it is not UTF-8, XSLT is throwing the error: invalid base64 data.


    We don't have this problem in NodeJS because we are using Buffer.from(encryptedaeskey,'base64'), which takes it as buffer data, and we are able to handle this.

    I am looking for a similar concept to make it work on DataPower.

    ------------------------------
    santhosh
    ------------------------------



  • 4.  RE: dp:decrypt-key in Gateway Script

    Posted Tue July 07, 2020 11:58 AM

    You cannot process binary data in XSLT; XSLT is for processing XML.

    You can process binary data encoded in base64, and pass that as parameter to functions expecting it.

    The decrypted key is binary, therefore its response is base64 encoded:

    https://www.ibm.com/support/knowledgecenter/SS9H2Y_7.7.0/com.ibm.dp.doc/decrypt-key_cryptographicfunction.html

    Results

    An xs:string that contains the plaintext session key as a base-64 encoded string.

    You just need to look at the cryptographic extension functions DataPower provides and follow the API.



    ------------------------------
    Hermann Stamm-Wilbrandt
    Compiler Level 3 support & Fixpack team lead
    IBM DataPower Gateways (⬚ᵈᵃᵗᵃ / ⣏⠆⡮⡆⢹⠁⡮⡆⡯⠂⢎⠆⡧⡇⣟⡃⡿⡃)
    https://stamm-wilbrandt.de/en/blog/
    ------------------------------
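
The point made in posts 3 and 4, as an added Node.js example that is not code from the thread or from IBM: an RSA-wrapped AES key survives only if it stays base64 text or raw bytes, and breaks as soon as the decoded bytes are treated as a UTF-8 string. The key pair, the AES key and the OAEP padding choice are assumptions constructed for the demonstration; the thread does not state which padding the client uses.

```javascript
// Added example; all key material below is constructed, not taken from the thread.
const crypto = require('crypto');

// Constructed test material: a throwaway RSA key pair and a random 256-bit AES key.
const { publicKey, privateKey } = crypto.generateKeyPairSync('rsa', { modulusLength: 2048 });
const aesKey = crypto.randomBytes(32);

// Assumption: OAEP padding on both sides (the thread does not name the padding).
const padding = crypto.constants.RSA_PKCS1_OAEP_PADDING;

// Sender side: wrap the AES key with RSA and transport it as base64 text.
const wrappedB64 = crypto.publicEncrypt({ key: publicKey, padding }, aesKey).toString('base64');

// Correct handling: base64 -> bytes, with no text decoding in between.
// The binary result is handed back as base64, the same convention the
// dp:decrypt-key documentation quoted above describes for its return value.
function unwrapAsBytes(b64) {
  const ciphertext = Buffer.from(b64, 'base64');
  const plain = crypto.privateDecrypt({ key: privateKey, padding }, ciphertext);
  return plain.toString('base64');
}

// Broken handling: the decoded ciphertext passes through a UTF-8 string.
// Bytes that are not valid UTF-8 become U+FFFD (3 bytes each), so the
// ciphertext grows past the 256-byte modulus and RSA decryption fails.
function unwrapViaUtf8String(b64) {
  const asText = Buffer.from(b64, 'base64').toString('utf8');
  const ciphertext = Buffer.from(asText, 'utf8');
  try {
    const plain = crypto.privateDecrypt({ key: privateKey, padding }, ciphertext);
    return { ok: true, length: ciphertext.length, key: plain.toString('base64') };
  } catch (err) {
    return { ok: false, length: ciphertext.length, error: err.message };
  }
}

console.log('bytes path recovers key:', unwrapAsBytes(wrappedB64) === aesKey.toString('base64'));
console.log('utf8 path result:', unwrapViaUtf8String(wrappedB64));
```

On DataPower the equivalent of the working path is to leave the value base64 encoded and hand that string to the cryptographic extension function, rather than decoding it first.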