Your suggested change has been received. Thank you.

close

Suggest A Change

https://thales.na.market.dpondemand.io/docs/dpod/services/kmo….

Thales Logo
back

Related APIs

Decrypting Content Encryption Keys (privatekeydecrypt)

search

Please Note:

Decrypting Content Encryption Keys (privatekeydecrypt)

The POST /v1/cckm/GoogleWorkspaceCSE/endpoints/{id}/privatekeydecrypt API is called to unwrap the content encryption key. This API returns the base64 data encryption key. This key will be used by Google Workspace CSE to decrypt the Gmail message.

Syntax

curl -k 'https://127.0.0.1/api/v1/cckm/GoogleWorkspaceCSE/endpoints/{id}/privatekeydecrypt' -H 'Content-Type: application/json' --data-binary $'{\n  "wrapped_private_key": "<wrapped private key>",\n  "authorization": "<authorization jwt>",\n  "authentication": "<authentication jwt>",\n "algorithm": "<algorithm>",\n  "encrypted_data_encryption_key": "<encrypted data encryption key>",\n "reason": ""\n}' --compressed

Request Parameters

ParameterTypeDescription
idstringID of the endpoint. To find out the ID of an endpoint, refer to Viewing KACLS Endpoints.
algorithmstringAlgorithm that was used to encrypt the private key.
encrypted_data_encryption_keystringThe base64 encoded encrypted data encryption key.
wrapped_private_keystringThe base64 encoded wrapped private key.
authorizationstringA JWT asserting that the user is allowed to unwrap the private key.
authenticationstringA JWT issued by a third party asserting who the user is.
reasonstringAdditional information about the operation.
rsa_oaep_labelintThe base64 encoded label L if the algorithm is RSAES-OAEP.

Example Request

curl -k 'https://127.0.0.1/api/v1/cckm/GoogleWorkspaceCSE/endpoints/7d03-4e2d-c1583936-a0ae-3a1ae2d2e200/privatekeydecrypt' -H 'Content-Type: application/json' --data-binary $'
{
    "wrapped_private_key": "wHrlNOTI9mU6PBdqiq7EQA...",
    "encrypted_data_encryption_key": "dGVzdCB3cmFwcGVkIGRlaw...",
    "authorization": "eyJhbGciOi...",
    "authentication": "eyJhbGciOi...",
    "algorithm": "RSA/ECB/PKCS1Padding",
    "reason": "decrypt"
}' --compressed

Example Response

{
    "data_encryption_key": "akRQtv3nr+jUhcFL6JmKzB+WzUxbkkMyW5kQsqGUAFc="
}

Response Codes

Response CodeDescription
2xxSuccess
4xxClient errors

Refer to HTTP status codes for details.