Class Index | File Index

Classes


Class DKEK


Defined in: DKEK.js.

Class Summary
Constructor Attributes Constructor Name and Description
 
DKEK(crypto)
Class supporting DKEK functions outside the SmartCard-HSM
Method Summary
Method Attributes Method Name and Description
 
Zeroize DKEK
 
convertCRT2PEM(pri, pub)
Wrap RSA or ECC key
<static>  
DKEK.decryptKeyShare(keyshare, password)
Decrypt a DKEK share
<static>  
DKEK.deriveDKEKShareKey(password, password)
Derive DKEK share encryption key from password
 
Wrap AES key
 
encodeKey(pri, pub)
Wrap RSA or ECC key
<static>  
DKEK.encryptKeyShare(keyshare, password)
Encrypt a DKEK share
 
Return the Key Check Value (KCV) of the internal DKEK
 
Derive the encryption key from the DKEK
 
Derive the message authentication key from the DKEK
 
Import a DKEK share
Class Detail
DKEK(crypto)
Class supporting DKEK functions outside the SmartCard-HSM
Parameters:
{Crypto} crypto
the crypto provider
Method Detail
clear()
Zeroize DKEK

{Key} convertCRT2PEM(pri, pub)
Wrap RSA or ECC key
Parameters:
{Key} pri
the private key in CRT format
{Key} pub
the public key
Returns:
the private key in private exponent / modulus format

<static> {ByteString} DKEK.decryptKeyShare(keyshare, password)
Decrypt a DKEK share
Parameters:
{ByteString} keyshare
the encrypted key share as read from the .pbe file
{ByteString} password
the password
Returns:
plain DKEK value

<static> {ByteString} DKEK.deriveDKEKShareKey(password, password)
Derive DKEK share encryption key from password
Parameters:
{ByteString} password
the password
password
Returns:
the derived key (32 Byte) concatenated with the IV (16 Byte)

{ByteString} encodeAESKey(key)
Wrap AES key
Parameters:
{Key} key
the secret key
Returns:
the secret key wrapped with the DKEK

{ByteString} encodeKey(pri, pub)
Wrap RSA or ECC key
Parameters:
{Key} pri
the private key
{Key} pub
the public key
Returns:
the private key wrapped with the DKEK

<static> {ByteString} DKEK.encryptKeyShare(keyshare, password)
Encrypt a DKEK share
Parameters:
{ByteString} keyshare
the key share
{ByteString} password
the password
Returns:
Encrypted DKEK share value

{ByteString} getKCV()
Return the Key Check Value (KCV) of the internal DKEK
Returns:
the KCV

{ByteString} getKENC()
Derive the encryption key from the DKEK
Returns:
the encryption key

{ByteString} getKMAC()
Derive the message authentication key from the DKEK
Returns:
the message authentication key

importDKEKShare(share)
Import a DKEK share
Parameters:
{ByteString} share
a 32 byte share

Documentation generated by JsDoc Toolkit 2.4.0 on Fri Apr 11 2025 18:23:13 GMT+0200 (CEST)