The linktool currently uses SakaiSigning.jws for handshaking between external application and Sakai. These webservices use an encrypted form of sessionId for validation. Unfortunately an unencrypted form of the sessionId is required for compatibility with other webservices offered in SakaiScript.
Suggest adding a new service:
public String decryptsession(String esession)