Derive a key
This key management operation allows to derive a new key and save it inside the device's secure repository.
Allowed users
Allowed
Required access scope
keymgmt:ecdh
Derive a new key
POST https://my.ence.do/api/keymgmt/derive
Derive (create) a new key using ECDH with a source key and save it.
Headers
| Name | Type | Description |
|---|---|---|
Authorization* | String | Bearer JWT_TOKEN |
Content-Type* | String | application/json |
Request Body
| Name | Type | Description |
|---|---|---|
descr | String | Base64 encoded additional description |
ext_kid | String | External Key ID, 32 chars hex string |
kid* | String | Key ID, 32 chars hex string |
label* | String | Label of a key |
mode | String | Key operation mode (for NIST ECC only) |
pubkey | String | Base64 encoded external public key |
type* | String | Type of key to create |
The key type pointed by ext_kid or represented by pubkey MUST be the same as the kid key type. Otherwise, indirect ECDH will be failed.
Response data for successful operation
| Name | Type | Description |
|---|---|---|
| String | Key ID, 32 chars hex string |
Possible key type
typeCheck the list here.
Possible key mode (for NIST ECC keys only)
mode (for NIST ECC keys only)Check the list here.
Log entries
LOG_TYPE_FAILED_SCOPE_CHECK | LOG_RESULT_FAILED | 403 |
LOG_TYPE_KEY_DERIVE | LOG_RESULT_ERROR | 400 |
LOG_TYPE_KEY_DERIVE | LOG_RESULT_ERROR | 406 |
LOG_TYPE_KEY_DERIVE | LOG_RESULT_OK | 200 |
Last updated