{"info":{"_postman_id":"5a7ebffe-b769-47ba-a8f4-387836e3e275","name":"SR2 Encryption","description":"Welcome to the SR2 Encryption API Documentation! In this documentation you will find all the tools that you will need to work with your SR2 Encryption API. A few rules to keep in mind.\n- All requests must be made over SSL with TLS 1.2 support to help maintain security.\n- Your plan will come with a unique URL endpoint along with a unique License ID and License Secret.\n- It is extremely important that you keep your License Secret safe and secure. It is what is used to authenticate your requests and to access the encryption keys that we store for you. We do not keep backups of your License Secret in order to maintain the security of your system. So if you lose the License Secret that you are provided you will lose access to your system.\n- All data that is sent to the SR2 Encryption Service must be formatted as a Base64 string, a UUID v4 string, or a plain string. Data that is to be encrypted or signed must be a Base64 string.\n- If you need a new License ID and License Secret, please don't hesitate to contact us at contact@sr2solutions.com or call us at +1-866-422-1199.\n- You may make as many requests as your application needs to, but it will be limited by the number of vCPUs that you purchase as part of your plan. If you think you need to upgrade please contact us at contact@sr2solutions.com or call us at +1-866-422-1199.\n \nYour LicenseID and License Secret are never stored by SR2 Solutions or any of our vendors. We take great steps to insure that your information is kept secret so that only those that you authorize will have access to it. Encryption and Decryption of data will be impossible after that. All key data is encrypted at rest in the SR2 Encryption Server using your License Secret, thus preventing access to the key material by the SR2 Solutions team or, more importantly, any hackers that do manage to break in. If at any time you think someone has gained access without your permission please contact us as soon as possible so that the incident can be investigated and resolved as quickly as possible. Contact us at contact@sr2solutions.com or call us at +1-866-422-1199.\n\nIf you haven't done so, the first thing you will want to do is create an encryption key with /aes/createkey/. If you want to add additional authentication data that would be required when encrypting and decrypting, be sure to include it in the body as AdditionalAuth. This method will return a KeyId. After you have created a key you can then encrypt any data up to 64KB of Base64 data with the KeyId.\n\nEvery project is different, so we leave key rotation to you. To do key management you can deactivate a key which prevents data from being encrypted with that key, but decryption can still be performed. You can also delete a key to securely destroy a key from the SR2 Encryption Service.","schema":"https://schema.getpostman.com/json/collection/v2.0.0/collection.json"},"item":[{"name":"AES Encryption","item":[{"name":"/aes/createkey","id":"9dcde503-601d-4d3f-942b-23eb057251d6","request":{"method":"POST","header":[{"description":"the id of the license. A UUID v4 string.","key":"x-licenseid","type":"text","value":"6fdad058-eff1-488c-82b0-b3fd5a5bc737"},{"description":"a Base64 string containing the user's secret value. Stored using Bcrypt.","key":"x-licensesecret","type":"text","value":"somebase64secret"},{"key":"Content-Type","name":"Content-Type","type":"text","value":"application/json"}],"body":{"mode":"raw","raw":"{\n\t\"AdditionalAuth\": \"a string used for additional authentication. Once set, this cannot be changed and cannot be recovered.\"\n}"},"url":"https://yourendpoint.sr2solutions.com/aes/createkey","description":"Creates a key for the specified license with the specified options.\n\nReturns a json/application object with the following values:\n- status: \"success\" or \"failure\".\n- KeyId: if successful, the UUID string of the key which can be used for encryption functions."},"response":[],"_postman_id":"9dcde503-601d-4d3f-942b-23eb057251d6"},{"name":"/aes/encrypt","id":"3c578be1-7213-4f55-b69c-63e90c1b6ef3","request":{"method":"POST","header":[{"description":"the id of the license. A UUID v4 string.","key":"x-licenseid","type":"text","value":"6fdad058-eff1-488c-82b0-b3fd5a5bc737"},{"description":"a Base64 string containing the user's secret value. Stored using Bcrypt.","key":"x-licensesecret","type":"text","value":"somebase64secret"},{"description":"(optional) additional auth string (base64) for using the key.","key":"x-additionalauth","type":"text","value":"additionalauthenticationdatainbase64format"},{"key":"Content-Type","name":"Content-Type","type":"text","value":"application/json"}],"body":{"mode":"raw","raw":"{\n\t\"KeyId\": \"The Key ID of the key returned from /aes/createkey\",\n\t\"Plaintext\": \"A Buffer object with the encryption key to use in Base64 format\"\n}"},"url":"https://yourendpoint.sr2solutions.com/aes/encrypt","description":"Decrypts data from a Base64 string.\n\nReturns a json/application object with the following values:\n- status: \"success\" or \"failure\".\n- Plaintext: if successful, an unencrypted object in Base64 format."},"response":[],"_postman_id":"3c578be1-7213-4f55-b69c-63e90c1b6ef3"},{"name":"/aes/decrypt","id":"a5a062e2-3888-4e19-b36f-3624afdca3cd","request":{"method":"POST","header":[{"description":"the id of the license. A UUID v4 string.","key":"x-licenseid","type":"text","value":"6fdad058-eff1-488c-82b0-b3fd5a5bc737"},{"description":"a Base64 string containing the user's secret value. Stored using Bcrypt.","key":"x-licensesecret","type":"text","value":"somebase64secret"},{"description":"(optional) additional auth string (base64) for using the key.","key":"x-additionalauth","type":"text","value":"additionalauthenticationdatainbase64format"},{"key":"Content-Type","name":"Content-Type","type":"text","value":"application/json"}],"body":{"mode":"raw","raw":"{\n\t\"CipherText\": \"The Base64 string that was return by /aes/encrypt/\"\n}"},"url":"https://yourendpoint.sr2solutions.com/aes/decrypt","description":"Decrypts data from a Base64 string.\n\nReturns a json/application object with the following values:\n- status: \"success\" or \"failure\".\n- Plaintext: if successful, an unencrypted object in Base64 format."},"response":[],"_postman_id":"a5a062e2-3888-4e19-b36f-3624afdca3cd"},{"name":"/aes/listkeys","id":"fd5105de-b8de-43e2-a235-083db85a9f63","request":{"method":"POST","header":[{"description":"the id of the license. A UUID v4 string.","key":"x-licenseid","type":"text","value":"6fdad058-eff1-488c-82b0-b3fd5a5bc737"},{"description":"a Base64 string containing the user's secret value. Stored using Bcrypt.","key":"x-licensesecret","type":"text","value":"somebase64secret"},{"key":"Content-Type","name":"Content-Type","type":"text","value":"application/json"}],"body":{"mode":"raw","raw":"{\n}"},"url":"https://yourendpoint.sr2solutions.com/aes/listkeys","description":"Lists all keys in the current license including creation date, active status, and Additional Auth Status.\n\nReturns a json/application object with the following values:\n- status: \"success\" or \"failure\".\n- Keys: if successful, a collection of all encryption keys available in your account."},"response":[],"_postman_id":"fd5105de-b8de-43e2-a235-083db85a9f63"},{"name":"/aes/deactivatekey","id":"749fe041-565a-49c5-bc95-3b3ac59be957","request":{"method":"POST","header":[{"description":"the id of the license. A UUID v4 string.","key":"x-licenseid","type":"text","value":"6fdad058-eff1-488c-82b0-b3fd5a5bc737"},{"description":"a Base64 string containing the user's secret value. Stored using Bcrypt.","key":"x-licensesecret","type":"text","value":"somebase64secret"},{"description":"(optional) additional auth string (base64) for using the key.","key":"x-additionalauth","type":"text","value":"additionalauthenticationdatainbase64format"},{"key":"Content-Type","name":"Content-Type","type":"text","value":"application/json"}],"body":{"mode":"raw","raw":"{\n\t\"KeyId\": \"The Key ID of the key returned from /aes/createkey\"\n}"},"url":"https://yourendpoint.sr2solutions.com/aes/deactivatekey","description":"Deactivates a key and sets Active to false. When this is done, a key can no longer be used for encryption. But decryption is allowed.\n\nReturns a json/application object with the following values:\n- status: \"success\" or \"failure\"."},"response":[],"_postman_id":"749fe041-565a-49c5-bc95-3b3ac59be957"},{"name":"/aes/deletekey","id":"00fe0b03-bc38-4eaa-9866-130a0939bf72","request":{"method":"POST","header":[{"description":"the id of the license. A UUID v4 string.","key":"x-licenseid","type":"text","value":"6fdad058-eff1-488c-82b0-b3fd5a5bc737"},{"description":"a Base64 string containing the user's secret value. Stored using Bcrypt.","key":"x-licensesecret","type":"text","value":"somebase64secret"},{"description":"(optional) additional auth string (base64) for using the key.","key":"x-additionalauth","type":"text","value":"additionalauthenticationdatainbase64format"},{"key":"Content-Type","name":"Content-Type","type":"text","value":"application/json"}],"body":{"mode":"raw","raw":"{\n\t\"KeyId\": \"The Key ID of the key returned from /aes/createkey\"\n}"},"url":"https://yourendpoint.sr2solutions.com/aes/deletekey","description":"Deletes a key from storage. When this is done, a key can no longer be used for encryption or decryption.\n\nReturns a json/application object with the following values:\n- status: \"success\" or \"failure\"."},"response":[],"_postman_id":"00fe0b03-bc38-4eaa-9866-130a0939bf72"},{"name":"/aes/reencrypt","id":"62ae8021-bc6c-4309-8882-e5f81534bb51","request":{"method":"POST","header":[{"description":"the id of the license. A UUID v4 string.","key":"x-licenseid","type":"text","value":"6fdad058-eff1-488c-82b0-b3fd5a5bc737"},{"description":"a Base64 string containing the user's secret value. Stored using Bcrypt.","key":"x-licensesecret","type":"text","value":"somebase64secret"},{"description":"(optional) additional auth string (base64) for using the key.","key":"x-additionalauth","type":"text","value":"additionalauthenticationdatainbase64format"},{"key":"Content-Type","name":"Content-Type","type":"text","value":"application/json"}],"body":{"mode":"raw","raw":"{\n\t\"CipherText\": \"The Base64 string that was return by /aes/encrypt/\",\n\t\"DestinationKeyId\": \"The Key ID of the new EncryptionKey to use\",\n\t\"DestinationAdditionalAuth\": \"(optional) additional auth string (base64) for using the new key.\"\n}"},"url":"https://yourendpoint.sr2solutions.com/aes/reencrypt","description":"Safely decrypts data and then reencrypts it with a new key.\n\nReturns a json/application object with the following values:\n- status: \"success\" or \"failure\".\n- Plaintext: if successful, an unencrypted object in Base64 format."},"response":[],"_postman_id":"62ae8021-bc6c-4309-8882-e5f81534bb51"},{"name":"/aes/generateKeyData","id":"1f3ad0e3-c528-4849-921e-b7fd2fa21797","request":{"method":"POST","header":[{"description":"the id of the license. A UUID v4 string.","key":"x-licenseid","type":"text","value":"6fdad058-eff1-488c-82b0-b3fd5a5bc737"},{"description":"a Base64 string containing the user's secret value. Stored using Bcrypt.","key":"x-licensesecret","type":"text","value":"somebase64secret"},{"description":"(optional) additional auth string (base64) for using the key.","key":"x-additionalauth","type":"text","value":"additionalauthenticationdatainbase64format"},{"key":"Content-Type","name":"Content-Type","type":"text","value":"application/json"}],"body":{"mode":"raw","raw":"{\n\t\"KeyId\": \"The Key ID of the key returned from /aes/createkey. This key will be used to encrypt the key being generated.\"\n}"},"url":"https://yourendpoint.sr2solutions.com/aes/generatekeydata","description":"Generates Key Data suitable for encrypted data locally with AES 256.\n\nReturns a json/application object with the following values:\n- status: \"success\" or \"failure\".\n- CipherText: if successful, an encrypted AES 256 key.\n- Plaintext: if successful, an unencrypted AES 256 key."},"response":[],"_postman_id":"1f3ad0e3-c528-4849-921e-b7fd2fa21797"},{"name":"/aes/generateKeyDataWithoutPlaintext","id":"e4e73517-48f0-4e1b-9659-3dcf0940cab5","request":{"method":"POST","header":[{"description":"the id of the license. A UUID v4 string.","key":"x-licenseid","type":"text","value":"6fdad058-eff1-488c-82b0-b3fd5a5bc737"},{"description":"a Base64 string containing the user's secret value. Stored using Bcrypt.","key":"x-licensesecret","type":"text","value":"somebase64secret"},{"description":"(optional) additional auth string (base64) for using the key.","key":"x-additionalauth","type":"text","value":"additionalauthenticationdatainbase64format"},{"key":"Content-Type","name":"Content-Type","type":"text","value":"application/json"}],"body":{"mode":"raw","raw":"{\n\t\"KeyId\": \"The Key ID of the key returned from /aes/createkey. This key will be used to encrypt the key being generated.\"\n}"},"url":"https://yourendpoint.sr2solutions.com/aes/generatekeydatawithoutplaintext","description":"Generates Key Data suitable for encrypted data locally with AES 256 without including the plaintext version of the key data.\n\nReturns a json/application object with the following values:\n- status: \"success\" or \"failure\".\n- CipherText: if successful, an encrypted AES 256 key."},"response":[],"_postman_id":"e4e73517-48f0-4e1b-9659-3dcf0940cab5"},{"name":"/aes/generateRandomData","id":"01eef507-5e14-4b1e-bc89-c6cf21928b5c","request":{"method":"POST","header":[{"description":"the id of the license. A UUID v4 string.","key":"x-licenseid","type":"text","value":"6fdad058-eff1-488c-82b0-b3fd5a5bc737"},{"description":"a Base64 string containing the user's secret value. Stored using Bcrypt.","key":"x-licensesecret","type":"text","value":"somebase64secret"},{"key":"Content-Type","name":"Content-Type","type":"text","value":"application/json"}],"body":{"mode":"raw","raw":"{\n\t\"DataLength\": \"The length of the random data to be generated.\"\n}"},"url":"https://yourendpoint.sr2solutions.com/aes/generaterandomdata","description":"Generates random data of a specified length.\n\nReturns a json/application object with the following values:\n- status: \"success\" or \"failure\".\n- RandomData: if successful, the random data in base64 format"},"response":[],"_postman_id":"01eef507-5e14-4b1e-bc89-c6cf21928b5c"}],"id":"3af2bcbf-0e93-43e6-8980-3a1fdacf9992","description":"Use the AES collection of endpoints to:\n- Create Encryption Keys\n- Encrypt and Decrypt data\n- Rotate, Deactivate, and Delete Encryption Keys\n- Reencrypt data using a new Encryption Key\n- Generate strong AES 256bit keys usable for encryption within your own system.\n- Generate cryptographically random data of a length that you specify.\n \nAll responses from these endpoints will include a Signature header that is signed using the RSA-SHA256 hashing algorithm with a secured RSA 4096 public/private key pair that is unique to your SR2 Encryption service. These signatures can be verified using /dsa/verify/","event":[{"listen":"prerequest","script":{"id":"857c2504-d4d8-4d52-8f05-3261b10d834a","type":"text/javascript","exec":[""]}},{"listen":"test","script":{"id":"329302ea-f4cb-40e2-ab42-841292d46ece","type":"text/javascript","exec":[""]}}],"_postman_id":"3af2bcbf-0e93-43e6-8980-3a1fdacf9992"},{"name":"Digital Signatures","item":[{"name":"/dsa/sign","id":"47c5580a-b321-4ddd-9e48-67c0773167df","request":{"method":"POST","header":[{"description":"the id of the license. A UUID v4 string.","key":"x-licenseid","type":"text","value":"6fdad058-eff1-488c-82b0-b3fd5a5bc737"},{"description":"a Base64 string containing the user's secret value. Stored using Bcrypt.","key":"x-licensesecret","type":"text","value":"somebase64secret"},{"key":"Content-Type","name":"Content-Type","type":"text","value":"application/json"}],"body":{"mode":"raw","raw":"{\n\t\"Plaintext\": \"A Buffer object with the encryption key to use in Base64 format\"\n}"},"url":"https://yourendpoint.sr2solutions.com/aes/sign","description":"Signs data using the specified passphrase for the private key.\n\nReturns a json/application object with the following values:\n- status: \"success\" or \"failure\".\n- Signature: if successful, a Base64 string of the signature."},"response":[],"_postman_id":"47c5580a-b321-4ddd-9e48-67c0773167df"},{"name":"/dsa/verify","id":"2a0e77b5-3374-4299-b0cb-a1edaf668d56","request":{"method":"POST","header":[{"key":"Content-Type","name":"Content-Type","type":"text","value":"application/json"}],"body":{"mode":"raw","raw":"{\n\t\"Plaintext\": \"A Buffer object with the encryption key to use in Base64 format\",\n\t\"Signature\": \"A Base64 string of the signature to verify.\"\n}"},"url":"https://yourendpoint.sr2solutions.com/aes/verify","description":"Verifies data against its signature.\n\nReturns a json/application object with the following values:\n- status: \"success\" or \"failure\".\n- Verified: if successful, a boolean value that is true if the signature was verified or false if the signature failed verification."},"response":[],"_postman_id":"2a0e77b5-3374-4299-b0cb-a1edaf668d56"}],"id":"45d67700-a775-4102-9f63-b8ef0f185706","description":"Use the DSA collection of endpoints to:\n- Sign any Base64 data with your unique RSA 4096 key that is securely stored on your SR2 Encryption Service.\n- Verify any signatures that were generated by this system.","event":[{"listen":"prerequest","script":{"id":"a6deba3c-6b3d-4472-bcd3-bfd5d3161514","type":"text/javascript","exec":[""]}},{"listen":"test","script":{"id":"355cd2bf-153d-43f2-8b5d-fcc8459111f0","type":"text/javascript","exec":[""]}}],"_postman_id":"45d67700-a775-4102-9f63-b8ef0f185706"}],"event":[{"listen":"prerequest","script":{"id":"b6cb3fe6-a8fd-4288-b8e9-6a33a7275cc9","type":"text/javascript","exec":[""]}},{"listen":"test","script":{"id":"af4deb31-2f63-4458-bfe5-ec553b94663e","type":"text/javascript","exec":[""]}}]}