Your suggested change has been received. Thank you.

close

Suggest A Change

https://thales.na.market.dpondemand.io/docs/dpod/services/kmo….

Thales Logo
back

Related APIs

Decrypting Content Encryption Keys (privatekeydecrypt)

search

Decrypting Content Encryption Keys (privatekeydecrypt)

The POST /v1/cckm/GoogleWorkspaceCSE/endpoints/{id}/privatekeydecrypt API is called to unwrap the content encryption key. This API returns the base64 data encryption key. This key will be used by Google Workspace CSE to decrypt the Gmail message.

Syntax

curl -k 'https://127.0.0.1/api/v1/cckm/GoogleWorkspaceCSE/endpoints/{id}/privatekeydecrypt' -H 'Content-Type: application/json' --data-binary $'{\n  "wrapped_private_key": "<wrapped private key>",\n  "authorization": "<authorization jwt>",\n  "authentication": "<authentication jwt>",\n "algorithm": "<algorithm>",\n  "encrypted_data_encryption_key": "<encrypted data encryption key>",\n "reason": ""\n}' --compressed

Request Parameters

Parameter Type Description
id string ID of the endpoint. To find out the ID of an endpoint, refer to Viewing KACLS Endpoints.
algorithm string Algorithm that was used to encrypt the private key.
encrypted_data_encryption_key string The base64 encoded encrypted data encryption key.
wrapped_private_key string The base64 encoded wrapped private key.
authorization string A JWT asserting that the user is allowed to unwrap the private key.
authentication string A JWT issued by a third party asserting who the user is.
reason string Additional information about the operation.
rsa_oaep_label int The base64 encoded label L if the algorithm is RSAES-OAEP.

Example Request

curl -k 'https://127.0.0.1/api/v1/cckm/GoogleWorkspaceCSE/endpoints/7d03-4e2d-c1583936-a0ae-3a1ae2d2e200/privatekeydecrypt' -H 'Content-Type: application/json' --data-binary $'
{
    "wrapped_private_key": "wHrlNOTI9mU6PBdqiq7EQA...",
    "encrypted_data_encryption_key": "dGVzdCB3cmFwcGVkIGRlaw...",
    "authorization": "eyJhbGciOi...",
    "authentication": "eyJhbGciOi...",
    "algorithm": "RSA/ECB/PKCS1Padding",
    "reason": "decrypt"
}' --compressed

Example Response

{
    "data_encryption_key": "akRQtv3nr+jUhcFL6JmKzB+WzUxbkkMyW5kQsqGUAFc="
}

Response Codes

Response Code Description
2xx Success
4xx Client errors

Refer to HTTP status codes for details.