Class HSMKeyStore
Class implementing some simple access functions to generate key pairs and store certificates
Defined in: HSMKeyStore.js.
Constructor Attributes | Constructor Name and Description |
---|---|
HSMKeyStore(sc)
Create a simple key store front-end
|
Method Attributes | Method Name and Description |
---|---|
deleteCACertificate(label)
Delete CA certificate with given label
|
|
deleteKey(labelOrIdOrKey)
Delete key and certificate with given label
|
|
Return list of keys
|
|
exportKey(labelOrIdOrKey)
Export a key blob, meta data and certificate
|
|
generateECCKeyPair(label, curve)
Generate an ECDSA key pair
|
|
generateKey(label, initialized)
Generate a symmetric key
|
|
generateKeyPair(label, initialized)
Generate a key pair
|
|
generateRSAKeyPair(label, keysize)
Generate a RSA key pair
|
|
getCertificate(labelOrIdOrKey)
Get raw certificate for given label
|
|
getEndEntityCertificate(labelOrIdOrKey)
Get certificate for given label
|
|
getKey(the)
Get key for given label
|
|
hasCertificate(labelOrIdOrKey)
Check if key has a certificate
|
|
hasKey(the)
Check if key with label exists
|
|
importAESKey(label, keyblob, keysize, keyid)
Import an AES key blob
|
|
importECCKey(label, keyblob, keysize, keyid)
Import an ECC key blob
|
|
importKey(keywrap)
Import a key blob, meta data and certificate
|
|
importRSAKey(label, keyblob, keysize, keyid)
Import a RSA key blob
|
|
storeCACertificate(label, cert)
Store CA certificate under given label
|
|
storeEndEntityCertificate(labelOrIdOrKey, cert)
Store certificate under given label
|
Class Detail
HSMKeyStore(sc)
Create a simple key store front-end
- Parameters:
- {SmartCardHSM} sc
- the SmartCard-HSM card service
Method Detail
deleteCACertificate(label)
Delete CA certificate with given label
- Parameters:
- {String} label
- the label of certificate to be removed
deleteKey(labelOrIdOrKey)
Delete key and certificate with given label
- Parameters:
- {String/Number/Key} labelOrIdOrKey
- the label, id or object of the key to be removed
{String[]}
enumerateKeys()
Return list of keys
- Returns:
- the list of key names
{ByteString}
exportKey(labelOrIdOrKey)
Export a key blob, meta data and certificate
- Parameters:
- {String/Number/Key} labelOrIdOrKey
- the label, id or object of the key to be removed
- Returns:
- the blob with key, meta data and certificate
generateECCKeyPair(label, curve)
Generate an ECDSA key pair
- Parameters:
- {String} label
- the label under which the key pair shall be stored
- {String} curve
- the curve object identifier
{ByteString}
generateKey(label, initialized)
Generate a symmetric key
- Parameters:
- {String} label
- the label under which the key shall be stored
- {SmartCardHSMKeySpecGenerator} initialized
- key spec generator
- Returns:
- the new key wrapped with the symmetric key defined with SmartCardHSMKeySpecGenerator.setWrappingKey()
{CVC}
generateKeyPair(label, initialized)
Generate a key pair
- Parameters:
- {String} label
- the label under which the key pair shall be stored
- {SmartCardHSMKeySpecGenerator} initialized
- key spec generator
- Returns:
- the authenticated request
generateRSAKeyPair(label, keysize)
Generate a RSA key pair
- Parameters:
- {String} label
- the label under which the key pair shall be stored
- {Number} keysize
- the key size in bits (1024, 1536 or 2048)
{ByteString}
getCertificate(labelOrIdOrKey)
Get raw certificate for given label
- Parameters:
- {String/Number/Key} labelOrIdOrKey
- the certificate label, id or key
- Returns:
- the certificate
{X509}
getEndEntityCertificate(labelOrIdOrKey)
Get certificate for given label
- Parameters:
- {String/Number/Key} labelOrIdOrKey
- the certificate label, id or key
- Returns:
- the certificate
{Key}
getKey(the)
Get key for given label
- Parameters:
- {String / Number} the
- key label or id
- Returns:
- the key
{Boolean}
hasCertificate(labelOrIdOrKey)
Check if key has a certificate
- Parameters:
- {String/Number/Key} labelOrIdOrKey
- the certificate label, id or key
- Returns:
- true of a certificate is present
{Boolean}
hasKey(the)
Check if key with label exists
- Parameters:
- {String / Number} the
- key label or id
- Returns:
- true if key exists
importAESKey(label, keyblob, keysize, keyid)
Import an AES key blob
- Parameters:
- {String} label
- the key label
- {ByteString} keyblob
- the binary key in SmartCard-HSM format
- {Number} keysize
- in bits
- {ByteString} keyid
- the PKCS#15 key id (CKA_ID)
{SmartCardHSMKey}
importECCKey(label, keyblob, keysize, keyid)
Import an ECC key blob
- Parameters:
- {String} label
- the key label
- {ByteString} keyblob
- the binary key in SmartCard-HSM format
- {Number} keysize
- in bits
- {Number/ByteString} keyid
- the optional PKCS#15 key identifier. Default value is the next free key id of the SmartCard-HSM.
importKey(keywrap)
Import a key blob, meta data and certificate
- Parameters:
- {ByteString} keywrap
- the binary key in SmartCard-HSM format
{SmartCardHSMKey}
importRSAKey(label, keyblob, keysize, keyid)
Import a RSA key blob
- Parameters:
- {String} label
- the key label
- {ByteString} keyblob
- the binary key in SmartCard-HSM format
- {Number} keysize
- in bits
- {Number/ByteString} keyid
- the optional PKCS#15 key identifier. Default value is the next free key id of the SmartCard-HSM.
storeCACertificate(label, cert)
Store CA certificate under given label
- Parameters:
- {String} label
- the label under which the certificate shall be stored
- {X509} cert
- the certificate
storeEndEntityCertificate(labelOrIdOrKey, cert)
Store certificate under given label
- Parameters:
- {String/Number/Key} labelOrIdOrKey
- the label, id or object of the key for which the certificate should be stored
- {X509} cert
- the certificate