Interface Key

Hierarchy

  • Key

Methods

block create delete exportAsymmetricPrivate exportAsymmetricPub exportCertClearText exportKekWrap exportPKCS8 exportSymmetric generatePKCS10 import importCertificate importKekWrap importPKCS8 unblock

Methods

block

  • Description

    Locks a key in the HSM.

    Returns

    Returns true if the key was successfully locked.

    Throws

    If the key name is invalid.

    Throws

    In the event of an error when deleting the key.

    Parameters

    • name: string

      Key name.

    Returns Promise<boolean>

create

delete

  • Description

    Deletes a key stored in the HSM.

    Returns

    Returns true if the key was successfully deleted.

    Throws

    If the key name is invalid.

    Throws

    In the event of an error when deleting the key.

    Parameters

    • name: string

      Key name.

    Returns Promise<boolean>

exportAsymmetricPrivate

  • Description

    Exports the private part of the asymmetric key stored in the HSM.

    Returns

    Buffer containing the key data according to the KEY_EXPORT_FORMAT format.

    Throws

    If the key name is invalid.

    Throws

    If an error occurs when importing the key.

    Parameters

    • name: string

      Key name.

    Returns Promise<Buffer>

exportAsymmetricPub

  • Description

    Exports a cryptographic key stored in the HSM.

    Returns

    Buffer containing the key data according to the KEY_EXPORT_FORMAT format.

    Throws

    If the key name is invalid.

    Throws

    If an error occurs when importing the key.

    Parameters

    • name: string

      Key name.

    • x509: boolean

      Whether the key will be exported in X509 format.

    Returns Promise<Buffer>

exportCertClearText

  • Description

    Exports the certificate stored in the HSM in clear text.

    Returns

    Buffer containing the certificate.

    Throws

    If the key name is invalid.

    Throws

    If an error occurs when importing the key.

    Parameters

    • name: string

      Key name.

    Returns Promise<Buffer>

exportKekWrap

  • Description

    Exports a key encrypted by a KEK (Key Encryption Key).

    Returns

    Buffer containing the key data according to the KEY_EXPORT_FORMAT format.

    Throws

    If the key name is invalid.

    Throws

    If an error occurs when importing the key.

    Parameters

    • mode: KEK_MODE | UNUSED_MODE

      Operating mode for importing the key.

    • pad: KEK_WRAP_PADDING

      Padding option for KEK operation.

    • name: string

      Key name.

    • kekKeyName: string

      Name of the Key Encryption Key (KEK) that will be used to decrypt the imported key.

    • Optional iv: string

      Initialization Vector. Required for MODE_CBC mode.

    Returns Promise<Buffer>

exportPKCS8

  • Description

    Exports a PKCS#8 key from the HSM.

    Returns

    Returns a buffer containing the key data.

    Throws

    If the key name is invalid.

    Throws

    If the key password does not meet the minimum requirements.

    Throws

    If an error occurs when importing the key.

    Parameters

    Returns Promise<Buffer>

exportSymmetric

  • Description

    Exports the private key stored in the HSM in clear text.

    Returns

    Buffer containing the key data according to the KEY_EXPORT_FORMAT format.

    Throws

    If the key name is invalid.

    Throws

    If an error occurs when importing the key.

    Parameters

    • name: string

      Key name.

    Returns Promise<Buffer>

generatePKCS10

  • Description

    Generates a CSR (Certificate Signing Request).
    This is a specialized function of HSM's PKCS#10 CSR generation API.

    Returns

    Returns the CSR in DER format.

    Throws

    If the key name is invalid.

    Parameters

    • keyName: string

      Key name.

    • dn: X500DistinguishedName

      Certificate data.

    • Optional hashAlgorith: PKCS10_HASH_ALGORITHM

      Hash algorithm to be used to generate the CSR. If not provided, the standard HSM algorithm will be used.

    Returns Promise<Buffer>

import

  • Description

    Import a cryptographic key into the HSM.

    Returns

    Returns true if the key was imported successfully

    Throws

    If the key name is invalid.

    Throws

    If an error occurs when importing the key.

    Parameters

    • name: string

      Key name.

    • algorithm: SYMMETRICAL_KEYS | RSA_ASYMMETRIC_KEYS | HMAC_KEYS | ALT_BN128

      Key algorithm. Same algorithm used to create the key using the create function

    • date: Buffer

      Data of the key to be imported.

    • Optional exportable: boolean

      If the key is exportable.

    • Optional temporary: boolean

      If the key is temporary.

    • Optional blockchain: boolean

      Whether the key can be used in blockchain operations.

    Returns Promise<boolean>

importCertificate

  • Description

    Import a certificate into HSM.

    Returns

    Returns true if the certificate was imported successfully.

    Throws

    If the name of the certificate is invalid.

    Throws

    In the event of an error when importing the certificate.

    Parameters

    • name: string

      Name of certificate.

    • certData: Buffer

      Certificate to be imported.

    Returns Promise<boolean>

importKekWrap

  • Description

    Import a key encrypted by a KEK (Key Encryption Key).

    Returns

    Returns true if the key has been imported.

    Throws

    If the key name is invalid.

    Throws

    If an error occurs when importing the key.

    Parameters

    • mode: KEK_MODE | UNUSED_MODE

      Operating mode for importing the key.

    • pad: KEK_WRAP_PADDING

      Padding option for KEK operation.

    • name: string

      Key name.

    • kekKeyName: string

      Name of the Key Encryption Key (KEK) that will be used to decrypt the imported key.

    • objType: ECC_ASYMMETRIC_SWITCHES | SYMMETRICAL_KEYS | RSA_ASYMMETRIC_KEYS | ECX_ASYMMETRIC_SWITCHES

      Object type.

    • date: Buffer

      Buffer containing the data of the encrypted key to be imported.

    • Optional iv: string

      Initialization Vector. Required for MODE_CBC mode.

    • Optional exportable: boolean

      If the key is exportable.

    • Optional temporary: boolean

      If the key is temporary.

    • Optional blockchain: boolean

      Whether the key can be used in blockchain operations.

    Returns Promise<boolean>

importPKCS8

  • Description

    Import a PKCS#8 key for the HSM.

    Returns

    Returns true if the key was imported successfully.

    Throws

    If the key name is invalid.

    Throws

    If the key password does not meet the minimum requirements.

    Throws

    If an error occurs when importing the key.

    Parameters

    Returns Promise<boolean>

unblock

  • Description

    Unlocks a key in the HSM.

    Returns

    Returns true if the key was successfully unlocked.

    Throws

    If the key name is invalid.

    Throws

    In the event of an error when deleting the key.

    Parameters

    • name: string

      Key name.

    Returns Promise<boolean>

Settings

Theme