Creates and stores a cryptographic key associated with an algorithm according to the parameters entered, within the HSM.
Returns true if the key was created successfully.
If the key name is invalid.
In the event of an error when creating the key.
Key name.
Key algorithm.
Optional
exportable: booleanIf the key is exportable.
Optional
temporary: booleanIf the key is temporary.
Optional
blockchain: booleanWhether the key can be used in blockchain operations.
ATTENTION: Only a few keys will be allowed if blockchain
be informed:
Exports the private part of the asymmetric key stored in the HSM.
Buffer containing the key data according to the KEY_EXPORT_FORMAT format.
If the key name is invalid.
If an error occurs when importing the key.
Key name.
Exports a cryptographic key stored in the HSM.
Buffer containing the key data according to the KEY_EXPORT_FORMAT format.
If the key name is invalid.
If an error occurs when importing the key.
Key name.
Whether the key will be exported in X509 format.
Exports the certificate stored in the HSM in clear text.
Buffer containing the certificate.
If the key name is invalid.
If an error occurs when importing the key.
Key name.
Exports a key encrypted by a KEK (Key Encryption Key).
Buffer containing the key data according to the KEY_EXPORT_FORMAT format.
If the key name is invalid.
If an error occurs when importing the key.
Operating mode for importing the key.
Padding option for KEK operation.
Key name.
Name of the Key Encryption Key (KEK) that will be used to decrypt the imported key.
Optional
iv: stringInitialization Vector. Required for MODE_CBC mode.
Exports a PKCS#8 key from the HSM.
Returns a buffer containing the key data.
If the key name is invalid.
If the key password does not meet the minimum requirements.
If an error occurs when importing the key.
Key name. Minimum $P8_IMPORT_EXPORT_SECRET_MIN_LEN characters, maximum $P8_IMPORT_EXPORT_SECRET_MAX_LEN characters.
Key password.
Exports the private key stored in the HSM in clear text.
Buffer containing the key data according to the KEY_EXPORT_FORMAT format.
If the key name is invalid.
If an error occurs when importing the key.
Key name.
Generates a CSR (Certificate Signing Request).
This is a specialized function of HSM's PKCS#10 CSR generation API.
Returns the CSR in DER format.
If the key name is invalid.
Key name.
Certificate data.
Optional
hashAlgorith: PKCS10_HASH_ALGORITHMHash algorithm to be used to generate the CSR. If not provided, the standard HSM algorithm will be used.
Import a cryptographic key into the HSM.
Returns true if the key was imported successfully
If the key name is invalid.
If an error occurs when importing the key.
Key name.
Data of the key to be imported.
Optional
exportable: booleanIf the key is exportable.
Optional
temporary: booleanIf the key is temporary.
Optional
blockchain: booleanWhether the key can be used in blockchain operations.
Import a certificate into HSM.
Returns true if the certificate was imported successfully.
If the name of the certificate is invalid.
In the event of an error when importing the certificate.
Name of certificate.
Certificate to be imported.
Import a key encrypted by a KEK (Key Encryption Key).
Returns true if the key has been imported.
If the key name is invalid.
If an error occurs when importing the key.
Operating mode for importing the key.
Padding option for KEK operation.
Key name.
Name of the Key Encryption Key (KEK) that will be used to decrypt the imported key.
Object type.
Buffer containing the data of the encrypted key to be imported.
Optional
iv: stringInitialization Vector. Required for MODE_CBC mode.
Optional
exportable: booleanIf the key is exportable.
Optional
temporary: booleanIf the key is temporary.
Optional
blockchain: booleanWhether the key can be used in blockchain operations.
Import a PKCS#8 key for the HSM.
Returns true if the key was imported successfully.
If the key name is invalid.
If the key password does not meet the minimum requirements.
If an error occurs when importing the key.
Key name.
Key type.
Key password. Minimum $P8_IMPORT_EXPORT_SECRET_MIN_LEN characters, maximum $P8_IMPORT_EXPORT_SECRET_MAX_LEN characters.
Key data in PKCS#8 format (base64).
Optional
exportable: booleanIf the key is exportable.
Optional
temporary: booleanIf the key is temporary.
Optional
blockchain: booleanWhether the key can be used in blockchain operations.
ATTENTION: Only a few keys will be allowed if blockchain
be informed:
Description
Locks a key in the HSM.
Returns
Returns true if the key was successfully locked.
Throws
If the key name is invalid.
Throws
In the event of an error when deleting the key.