The GlideCertificateEncryption API provides methods for encrypting certificates.

Use these methods to generate a hash for the certificate, sign data using a private key, and generate a message authentication code.

GlideCertificateEncryption - GlideCertificateEncryption()

Instantiates a GlideCertificateEncryption object.

Table 1. Parameters
Name Type Description
None

Scoped equivalent

To use the GlideCertificateEncryption() constructor in a scoped application, use the corresponding scoped constructor: CertificateEncryption().

GlideCertificateEncryption - generateMac(String key, String algorithm, String data)

Generates the Message Authentication Code (MAC), which is used to authenticate a message.

Table 2. Parameters
Name Type Description
key String Key to use to sign the message. Must be Base64 encoded.
algorithm String Algorithm to use to generate the MAC: HmacSHA256, HmacSHA1, HmacMD5, and so on.
data String Data to process.
Table 3. Returns
Type Description
String MAC in base64 format.

Example

var mac = new GlideCertificateEncryption;
var key = "sample_key"; 
key = GlideStringUtil.base64Encode(key);
mac.generateMac(key, "HmacSHA256", "sample_data");

Scoped equivalent

To use the generateMac() method in a scoped application, use the corresponding scoped method: generateMac().

GlideCertificateEncryption - getThumbPrint(String certificateID, String algorithm)

Generates a hash (SHA-1, SHA-256, and so on) for the certificate from Trust Store Cert.

Table 4. Parameters
Name Type Description
certificateID String sys_id of the certificate record in the X.509 Certificate [sys_certificate] table.
algorithm String SHA-1, SHA-256, and so on
Table 5. Returns
Type Description
String Thumbprint in base64 format.

Scoped equivalent

To use the getThumbPrint() method in a scoped application, use the corresponding scoped method: getThumbPrint().

GlideCertificateEncryption - getThumbPrintFromKeystore(String certificateID, String alias, String algorithm)

Generates a hash (SHA-1, SHA-256, and so on) for the certificate from the key store entry.

Table 6. Parameters
Name Type Description
certificateID String sys_id of the certificate record in the X.509 Certificate [sys_certificate] table.
alias String Alias name for the certificate.
algorithm String SHA-1, SHA-256, and so on.
Table 7. Returns
Type Description
String Thumbprint in base64 format.

Scoped equivalent

To use the getThumbPrintFromKeystore() method in a scoped application, use the corresponding scoped method: getThumbPrintFromKeystore().

GlideCertificateEncryption - sign(String certificateID, String alias, String aliaspassword, String algorithm, String datatosign)

Signs the data using the private key and the given algorithm.

Table 8. Parameters
NameTypeDescription
certificateID String sys_id of the certificate record in the X.509 Certificate [sys_certificate] table.
alias String Private key name.
aliaspassword String Password for the private key.
datatosign String Data to sign.
algorithm String SHA-1, SHA-256, and so on.
Table 9. Returns
Type Description
String Signed data in base64 format.

Example

var gce = new GlideCertificateEncryption;
gce.sign("recordID", "alias", "password", "SHA-1", "sign this data");

Scoped equivalent

To use the sign() method in a scoped application, use the corresponding scoped method: sign().