Create a key

This key management operation allows the creation of a new key and saving it inside the device's secure repository.

Allowed users

Allowed

Required access scope

keymgmt:gen

Create a new key

POST https://my.ence.do/api/keymgmt/create

Create a new key and save it.

Headers

Name
Type
Description

Authorization*

String

Bearer JWT_TOKEN

Content-Type*

String

application/json

Request Body

Name
Type
Description

label*

String

Label of a key

mode

String

Key operation mode (for NIST ECC only)

type*

String

Type of key to create

descr

String

Base64 encoded additional description

{
  "kid":"09bd0958e1499ecfd51ea62a3f49a84c"
}

Possible key type

Type
Description

SECP256R1

NIST P-256 ECC key

SECP384R1

NIST P-384 ECC key

SECP521R1

NIST P-521 ECC key

SECP256K1

SEC2-v2 ECC key

CURVE25519

CURVE25519 ECC ECDH only key

CURVE448

CURVE4ECC ECDH only key

ED25519

ED25519 ECC EdDSA only key

ED448

ED448 ECC EdDSA only key

SHA2-256

SHA2-256 HMAC symmetric key

SHA2-384

SHA2-384 HMAC symmetric key

SHA2-512

SHA2-512 HMAC symmetric key

SHA3-256

SHA3-256 HMAC symmetric key

SHA3-384

SHA3-384 HMAC symmetric key

SHA3-512

SHA3-512 HMAC symmetric key

AES128

AES 128 bits symmetric kesy

AES192

AES 192 bits symmetric kesy

AES256

AES 256 bits symmetric kesy

Possible key mode (for NIST ECC keys only)

Mode
Description

ECDH

Limit usage to ECDH only.

ExDSA

Limit usage to ExDSA only.

ECDH,ExDSA

Allow both ECDH and ECDH mode.

Response data for successful operation

Name
Type
Description

kid

String

Key ID, 32 chars hex string

Log entries

Event
Result
Source

LOG_TYPE_FAILED_SCOPE_CHECK

LOG_RESULT_FAILED

403

LOG_TYPE_KEY_GENERATION

LOG_RESULT_ERROR

400

LOG_TYPE_KEY_GENERATION

LOG_RESULT_FAILED

406

LOG_TYPE_KEY_GENERATION

LOG_RESULT_OK

200

Last updated