How to decrypt the contact cookie

  1. Contact S-360 support to ask for:
    • the private key associated to your institution (to decrypt the data)
    • S-360 certificate (to check that the cookie was emitted by S-360)
  2. Extract the additionnal data from the cookie. You should obtain a JSON String like that:

And if there is no additionnal data in your cookie?
Open a service in S-360 service desk to add this feature. S-360 team will then provide you with the appropriate private key.

  1. Decrypt the cookie and check the digest:
    • Decrypt de key of the cookie: do Base64 decoding, then decrypt it using your institution's private RSA key.
    • Decrypt the data using the decrypted AES key.
    • Check the digest using secutix public certificate.
    • The following example in java will show you how to proceed. example in Java on how to read the content of the cookie.

The contact cookie will look like this in the browser: Contact cookie