Classes
Methods
(static) generateServerAndDocumentKey(url, serverKeyID, signedServerKeyID, threshold, verbose) → {Promise.<String>}
Generating document key by one of the participating nodes.
While it is possible (and more secure, if you’re not trusting the Secret Store nodes)
to run separate server key generation and document key storing sessions,
you can generate both keys simultaneously.
Parameters:
Name | Type | Default | Description |
---|---|---|---|
url |
String | URL where the SS node is listening for incoming requests | |
serverKeyID |
String | The server key ID | |
signedServerKeyID |
String | The server key ID signed by SS user | |
threshold |
Number | Key threshold value. Please consider the guidelines when choosing this value: https://wiki.parity.io/Secret-Store.html#server-key-generation-session | |
verbose |
Boolean | true | Whether to console log errors |
- Source:
Returns:
The hex-encoded document key, encrypted with requester public key (ECIES encryption is used)
- Type
- Promise.<String>
(static) generateServerKey(url, serverKeyID, signedServerKeyID, threshold, verbose) → {Promise.<String>}
Generates server keys.
Parameters:
Name | Type | Default | Description |
---|---|---|---|
url |
String | URL where the SS node is listening for incoming requests | |
serverKeyID |
String | The server key ID | |
signedServerKeyID |
String | The server key ID signed by SS user | |
threshold |
Number | Key threshold value. Please consider the guidelines when choosing this value: https://wiki.parity.io/Secret-Store.html#server-key-generation-session | |
verbose |
Boolean | true | Whether to console log errors |
- Source:
Returns:
The hex-encoded public portion of server key
- Type
- Promise.<String>
(static) nodesSetChange(url, nodeIDsNewSet, signatureOldSet, signatureNewSet, verbose) → {Promise.<Object>}
Nodes set change session. Requires all added, removed and stable nodes to be online for the duration of the session.
Before starting the session, you’ll need to generate two administrator’s signatures:
`old set` signature and `new set` signature. To generate these signatures,
the Secret Store RPC methods should be used: `serversSetHash` and `signRawHash`.
Parameters:
Name | Type | Default | Description |
---|---|---|---|
url |
String | URL where the SS node is listening for incoming requests | |
nodeIDsNewSet |
String | node IDs of the `new set` | |
signatureOldSet |
String | ECDSA signature of all online nodes IDs `keccak(ordered_list(staying + added + removing))` | |
signatureNewSet |
String | ECDSA signature of nodes IDs, that should stay in the Secret Store after the session ends `keccak(ordered_list(staying + added))` | |
verbose |
Boolean | true | Whether to console log errors |
- Source:
Returns:
Unknown
- Type
- Promise.<Object>
(static) retrieveDocumentKey(url, serverKeyID, signedServerKeyID, verbose) → {Promise.<String>}
The lighter version of the `document key shadow retrieval` session,
which returns final document key (though, encrypted with requester public key) if you have enough trust in Secret Store nodes.
During document key shadow retrieval session, document key is not reconstructed on any node.
But it requires Secret Store client either to have an access to Parity RPCs, or to run some EC calculations to decrypt the document key.
Parameters:
Name | Type | Default | Description |
---|---|---|---|
url |
String | URL where the SS node is listening for incoming requests | |
serverKeyID |
String | The server key ID | |
signedServerKeyID |
String | The server key ID signed by SS user | |
verbose |
Boolean | true | Whether to console log errors |
- Source:
Returns:
The hex-encoded document key, encrypted with requester public key (ECIES encryption is used)
- Type
- Promise.<String>
(static) shadowRetrieveDocumentKey(url, serverKeyID, signedServerKeyID, verbose) → {Promise.<Object>}
This session is a preferable way of retrieving previously generated document key.
Parameters:
Name | Type | Default | Description |
---|---|---|---|
url |
String | URL where the SS node is listening for incoming requests | |
serverKeyID |
String | The server key ID | |
signedServerKeyID |
String | The server key ID signed by SS user | |
verbose |
Boolean | true | Whether to console log errors |
- Source:
Returns:
The hex-encoded decrypted_secret, common_point and decrypt_shadows fields
- Type
- Promise.<Object>
(static) signEcdsa(url, serverKeyID, signedServerKeyID, messageHash, verbose) → {Promise.<String>}
ECDSA signing session, for computing ECDSA signature of a given message hash.
Parameters:
Name | Type | Default | Description |
---|---|---|---|
url |
String | URL where the SS node is listening for incoming requests | |
serverKeyID |
String | The server key ID | |
signedServerKeyID |
String | The server key ID signed by SS user | |
messageHash |
String | The 256-bit hash of the message that needs to be signed | |
verbose |
Boolean | true | Whether to console log errors |
- Source:
Returns:
The hex-encoded ECDSA signature (serialized as r || s || v), encrypted with requester public key (ECIES encryption is used)
- Type
- Promise.<String>
(static) signSchnorr(url, serverKeyID, signedServerKeyID, messageHash, verbose) → {Promise.<String>}
Schnorr signing session, for computing Schnorr signature of a given message hash.
Parameters:
Name | Type | Default | Description |
---|---|---|---|
url |
String | URL where the SS node is listening for incoming requests | |
serverKeyID |
String | The server key ID | |
signedServerKeyID |
String | The server key ID signed by SS user | |
messageHash |
String | The 256-bit hash of the message that needs to be signed | |
verbose |
Boolean | true | Whether to console log errors |
- Source:
Returns:
The hex-encoded Schnorr signature (serialized as c || s), encrypted with requester public key (ECIES encryption is used)
- Type
- Promise.<String>
(static) storeDocumentKey(url, serverKeyID, signedServerKeyID, commonPoint, encryptedPoint, verbose) → {Promise.<String>}
Binds an externally-generated document key to a server key. Useable after a `server key generation` session.
Parameters:
Name | Type | Default | Description |
---|---|---|---|
url |
String | URL where the SS node is listening for incoming requests | |
serverKeyID |
String | Same ID that was used in `server key generation session` | |
signedServerKeyID |
String | Same server key id, signed by the same entity (author) that has signed the server key id in the `server key generation session` | |
commonPoint |
String | The hex-encoded common point portion of encrypted document key | |
encryptedPoint |
String | The hex-encoded encrypted point portion of encrypted document key | |
verbose |
Boolean | true | Whether to console log errors |
- Source:
Returns:
Empty body of the response if everything was OK
- Type
- Promise.<String>