ECDH
This basic cryptography operation allows the calculation of the ECDH between a trusted key or by an external public key.
Allowed users
Allowed
Required access scope
keymgmt:use:<KID>
where <KID> is a Key ID as 32 chars hexadecimal string
Generate ECDH
POST https://my.ence.do/api/crypto/ecdh
Return raw or hashed ECDH results between given arguments.
Headers
| Name | Type | Description |
|---|---|---|
Authorization* | String | Bearer JWT_TOKEN |
Content-Type* | String | application/json |
Request Body
| Name | Type | Description |
|---|---|---|
alg | String | Algorithm used to hash the result (e.g. SHA2-256) - if omitted raw ECDH is returned |
kid* | String | Key ID, 32 chars hex string |
pubkey | String | Base64 encoded external public key |
ext_kid | String | External Key ID, 32 chars hex string |
The key type pointed by ext_kid or represented by pubkey MUST be the same as the kid key type. Otherwise, indirect ECDH will be failed.
Possible alg values
alg values| Value | Description |
|---|---|
SHA2-256 | Use SHA2-256 to hash the ECDH result |
SHA2-384 | Use SHA2-384 to hash the ECDH result |
SHA2-512 | Use SHA2-512 to hash the ECDH result |
SHA3-256 | Use SHA3-256 to hash the ECDH result |
SHA3-384 | Use SHA3-384 to hash the ECDH result |
SHA3-512 | Use SHA3-512 to hash the ECDH result |
Response data for successful operation
| Name | Type | Description |
|---|---|---|
| String | Base64 encoded the ECDH result |
Log entries
| Event | Result | Source |
|---|---|---|
LOG_TYPE_FAILED_SCOPE_CHECK | LOG_RESULT_FAILED | 403 |
LOG_TYPE_CRYPTO_ECDH | LOG_RESULT_ERROR | 400 |
LOG_TYPE_CRYPTO_ECDH | LOG_RESULT_FAILED | 406 |
LOG_TYPE_CRYPTO_ECDH | LOG_RESULT_OK | 200 |
Last updated