Derive a key

This key management operation allows to derive a new key and save it inside the device's secure repository.

Allowed users

Allowed

Required access scope

keymgmt:ecdh

Derive a new key

POST https://my.ence.do/api/keymgmt/derive

Derive (create) a new key using ECDH with a source key and save it.

Headers

Name
Type
Description

Authorization*

String

Bearer JWT_TOKEN

Content-Type*

String

application/json

Request Body

Name
Type
Description

descr

String

Base64 encoded additional description

ext_kid

String

External Key ID, 32 chars hex string

kid*

String

Key ID, 32 chars hex string

label*

String

Label of a key

mode

String

Key operation mode (for NIST ECC only)

pubkey

String

Base64 encoded external public key

type*

String

Type of key to create

{
  "kid":"bd0958e1499ecfd51ea62a3f49a84cad"
}

The key type pointed by ext_kid or represented by pubkey MUST be the same as the kid key type. Otherwise, indirect ECDH will be failed.

Response data for successful operation

Name
Type
Description

kid

String

Key ID, 32 chars hex string

Possible key type

Check the list here.

Possible key mode (for NIST ECC keys only)

Check the list here.

Log entries

LOG_TYPE_FAILED_SCOPE_CHECK

LOG_RESULT_FAILED

403

LOG_TYPE_KEY_DERIVE

LOG_RESULT_ERROR

400

LOG_TYPE_KEY_DERIVE

LOG_RESULT_ERROR

406

LOG_TYPE_KEY_DERIVE

LOG_RESULT_OK

200

PreviousCreate a keyNextImport a key

Last updated