Minimum number of parts needed to reconstruct the secret. Minimum of constants.M_OF_N_SECRET_MIN_N and the maximum must be less than or equal to n.
Total number of parts generated. Minimum of constants.M_OF_N_SECRET_MIN_N and maximum of constants.M_OF_N_SECRET_MAX_N.
Secret that will be shared in several parts. It must be constants.M_OF_N_SECRET_LEN characters long. NULL can be passed so that a secret is randomly generated by the HSM, in which case the value will be returned in interfaces.cryptography.MofNSplit.
Returns a buffer with the secret split.
exceptions.HsmError If it is not possible to split the secret or an error occurs in the operation.
Example code: Dividing a secret into M from N
Reconstructs the secret M of N from the parts of the custodians. According to Shamir's secret-sharing pattern.
Array of buffers with the parts of the secret generated by the Cryptography.mOfnSplit function.
Returns a buffer with the reconstructed secret.
exceptions.HsmError If the secret cannot be reconstructed or an error occurs in the operation.
Example code: Reconstructing a secret in M from N
Signs data using an RSA private key.
Key name.
Algorithm used to generate the hash of the data.
Hash of the data to be signed.
Type of padding to be used in the signature.
Returns a buffer with the data signature.
exceptions.HsmError If it is not possible to sign the data or there is an error in the operation.
Example code: Signing hash with RSA
Verifies a data signature using an RSA key.
Key name.
Algorithm used to generate the hash of the data.
Type of padding to be used in the signature.
Hash of the data to be verified.
Signature of the data to be verified.
Returns true if the signature is valid and false otherwise.
exceptions.HsmError If it is not possible to verify the signature or an error occurs in the operation.
Example code: Verifying hash signatures with RSA
Signs data using an ECC private key.
Key name.
Algorithm used to generate the hash of the data.
Hash of the data to be signed.
Returns a buffer with the data signature.
exceptions.HsmError If it is not possible to sign the data or there is an error in the operation.
Example code: Signing hash with ECC
Verifies a data signature using an ECC key.
Key name.
Algorithm used to generate the hash of the data.
Hash of the data to be verified.
Signature of the data to be verified.
Returns true if the signature is valid and false otherwise.
exceptions.HsmError If it is not possible to verify the signature or an error occurs in the operation.
Example code: Verifying hash signatures with ECC
Signs data using an EdDSA private key.
Key name.
Hash of the data to be signed.
Returns a buffer with the data signature.
exceptions.HsmError If it is not possible to sign the data or there is an error in the operation.
Example code: Signing hash with EdDSA
Verifies a data signature using an EdDSA key.
Key name.
Hash of the data to be verified.
Signature of the data to be verified.
Returns true if the signature is valid and false otherwise.
exceptions.HsmError If it is not possible to verify the signature or an error occurs in the operation.
Example code: Verifying hash signatures with EdDSA
Unwrap data using an RSA key.
Name of the RSA private key.
Given that it will be de-enveloped.
Filling option used in data encryption.
Returns the de-enveloped data.
exceptions.HsmError If it is not possible to de-envelope the data or an error occurs in the operation.
Envelopes data using an RSA public key.
RSA public key that will be used to envelop the data.
Given that it will be enveloped.
Filling option used in data encryption.
Returns the enveloped data.
exceptions.HsmError If the data cannot be enveloped or an error occurs in the operation.
Returns a set of pseudo-random bytes of size len for use in cryptography.
Number of bytes to be generated. The value should be between 0 and 4294967295
Returns a buffer containing a set of pseudo-random bytes of size len.
exceptions.HsmError If it is not possible to retrieve the bytes or there is an error in the operation.
Example code: Generating a set of random bytes
Divides M from N in a secret. According to Shamir's secret sharing pattern.