JavaScript HSM API Dinamo
    Preparing search index...

    Cryptography Interface

    interface Cryptography {
        mOfnSplit(
            m: number,
            n: number,
            secret?: string | null,
        ): Promise<hsm.interfaces.cryptography.MofNSplit>;
        mOfNRecover(
            parts: Buffer<ArrayBufferLike>[],
        ): Promise<Buffer<ArrayBufferLike>>;
        rsaSign(
            keyName: string,
            hashAlgorithm: HASH_ALGORITHMS,
            hash: Buffer,
            pad: PAD_TYPE,
        ): Promise<Buffer<ArrayBufferLike>>;
        rsaVerify(
            keyName: string,
            hashAlgorithm: HASH_ALGORITHMS,
            pad: PAD_TYPE,
            hash: Buffer,
            signature: Buffer,
        ): Promise<boolean>;
        eccSign(
            keyName: string,
            hashAlgorithm: HASH_ALGORITHMS,
            hash: Buffer,
        ): Promise<Buffer<ArrayBufferLike>>;
        eccVerify(
            keyName: string,
            hashAlgorithm: HASH_ALGORITHMS,
            hash: Buffer,
            signature: Buffer,
        ): Promise<boolean>;
        eddsaSign(keyName: string, hash: Buffer): Promise<Buffer<ArrayBufferLike>>;
        eddsaVerify(
            keyName: string,
            hash: Buffer,
            signature: Buffer,
        ): Promise<boolean>;
        dataUnenvelop(
            keyName: string,
            data: Buffer,
            paddingOption: ENC_DEC_PADDING,
        ): Promise<Buffer<ArrayBufferLike>>;
        dataEnvelop(
            pubKey: Buffer,
            keyLength: RSA_LENGTH_KEYS,
            data: Buffer,
            paddingOption: ENC_DEC_PADDING,
        ): Promise<Buffer<ArrayBufferLike>>;
        genRand(len: number): Promise<Buffer<ArrayBufferLike>>;
    }
    Index

    Methods

    mOfnSplit mOfNRecover rsaSign rsaVerify eccSign eccVerify eddsaSign eddsaVerify dataUnenvelop dataEnvelop genRand

    Methods

    • Reconstructs the secret M of N from the parts of the custodians. According to Shamir's secret-sharing pattern.

      Parameters

      • parts: Buffer<ArrayBufferLike>[]

        Array of buffers with the parts of the secret generated by the Cryptography.mOfnSplit function.

      Returns Promise<Buffer<ArrayBufferLike>>

      Returns a buffer with the reconstructed secret.

      This method is legacy. Use interfaces.management.Management.recoverSVMK instead.

      exceptions.HsmError If the secret cannot be reconstructed or an error occurs in the operation.

      Example code: Reconstructing a secret in M from N

    • Signs data using an RSA private key.

      Parameters

      • keyName: string

        Key name.

      • hashAlgorithm: HASH_ALGORITHMS

        Algorithm used to generate the hash of the data.

      • hash: Buffer

        Hash of the data to be signed.

      • pad: PAD_TYPE

        Type of padding to be used in the signature.

      Returns Promise<Buffer<ArrayBufferLike>>

      Returns a buffer with the data signature.

      exceptions.HsmError If it is not possible to sign the data or there is an error in the operation.

      Example code: Signing hash with RSA

    • Verifies a data signature using an RSA key.

      Parameters

      • keyName: string

        Key name.

      • hashAlgorithm: HASH_ALGORITHMS

        Algorithm used to generate the hash of the data.

      • pad: PAD_TYPE

        Type of padding to be used in the signature.

      • hash: Buffer

        Hash of the data to be verified.

      • signature: Buffer

        Signature of the data to be verified.

      Returns Promise<boolean>

      Returns true if the signature is valid and false otherwise.

      exceptions.HsmError If it is not possible to verify the signature or an error occurs in the operation.

      Example code: Verifying hash signatures with RSA

    • Signs data using an ECC private key.

      Parameters

      • keyName: string

        Key name.

      • hashAlgorithm: HASH_ALGORITHMS

        Algorithm used to generate the hash of the data.

      • hash: Buffer

        Hash of the data to be signed.

      Returns Promise<Buffer<ArrayBufferLike>>

      Returns a buffer with the data signature.

      exceptions.HsmError If it is not possible to sign the data or there is an error in the operation.

      Example code: Signing hash with ECC

    • Verifies a data signature using an ECC key.

      Parameters

      • keyName: string

        Key name.

      • hashAlgorithm: HASH_ALGORITHMS

        Algorithm used to generate the hash of the data.

      • hash: Buffer

        Hash of the data to be verified.

      • signature: Buffer

        Signature of the data to be verified.

      Returns Promise<boolean>

      Returns true if the signature is valid and false otherwise.

      exceptions.HsmError If it is not possible to verify the signature or an error occurs in the operation.

      Example code: Verifying hash signatures with ECC

    • Signs data using an EdDSA private key.

      Parameters

      • keyName: string

        Key name.

      • hash: Buffer

        Hash of the data to be signed.

      Returns Promise<Buffer<ArrayBufferLike>>

      Returns a buffer with the data signature.

      exceptions.HsmError If it is not possible to sign the data or there is an error in the operation.

      Example code: Signing hash with EdDSA

    • Verifies a data signature using an EdDSA key.

      Parameters

      • keyName: string

        Key name.

      • hash: Buffer

        Hash of the data to be verified.

      • signature: Buffer

        Signature of the data to be verified.

      Returns Promise<boolean>

      Returns true if the signature is valid and false otherwise.

      exceptions.HsmError If it is not possible to verify the signature or an error occurs in the operation.

      Example code: Verifying hash signatures with EdDSA

    • Unwrap data using an RSA key.

      Parameters

      • keyName: string

        Name of the RSA private key.

      • date: Buffer

        Given that it will be de-enveloped.

      • paddingOption: ENC_DEC_PADDING

        Filling option used in data encryption.

      Returns Promise<Buffer<ArrayBufferLike>>

      Returns the de-enveloped data.

      exceptions.HsmError If it is not possible to de-envelope the data or an error occurs in the operation.

    • Envelopes data using an RSA public key.

      Parameters

      • pubKey: Buffer

        RSA public key that will be used to envelop the data.

      • keyLength: RSA_LENGTH_KEYS

        RSA key size.

      • date: Buffer

        Given that it will be enveloped.

      • paddingOption: ENC_DEC_PADDING

        Filling option used in data encryption.

      Returns Promise<Buffer<ArrayBufferLike>>

      Returns the enveloped data.

      exceptions.HsmError If the data cannot be enveloped or an error occurs in the operation.

    • Returns a set of pseudo-random bytes of size len for use in cryptography.

      Parameters

      • len: number

        Number of bytes to be generated. The value must be between 0 and 4294967295.

      Returns Promise<Buffer<ArrayBufferLike>>

      Returns a buffer containing a set of pseudo-random bytes of size len.

      exceptions.HsmError If it is not possible to retrieve the bytes or there is an error in the operation.

      Example code: Generating a set of random bytes

    Settings

    On This Page

    Methods