How to use the graphene-pk11.KeyType function in graphene-pk11
To help you get started, we’ve selected a few graphene-pk11 examples, based on popular ways it is used in public projects.
Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.
PeculiarVentures / graphene / test / graphene-pk11-tests.ts View on Github 
});
// derive algorithm
let alg = {
name: "ECDH1_DERIVE",
params: new graphene.EcdhParams(
graphene.EcKdf.SHA1,
null,
keys.publicKey.getAttribute({ pointEC: null }).pointEC)
};
// Template for derived key
let template = {
"class": graphene.ObjectClass.SECRET_KEY,
"token": false,
"keyType": graphene.KeyType.AES,
"valueLen": 256 / 8,
"encrypt": true,
"decrypt": true
};
// Key derivation
let dKey = session.deriveKey(alg, keys.privateKey, template);
console.log("Derived key handle:", dKey.handle);
session.logout();
session.close();
}
else {
console.error("Slot is not initialized");
}import * as graphene from "graphene-pk11";
let Module = graphene.Module;
let lib = "/usr/local/lib/softhsm/libsofthsm2.so";
let mod = Module.load(lib, "SoftHSM");
mod.initialize();
let slot = mod.getSlots(0);
if (slot.flags & graphene.SlotFlag.TOKEN_PRESENT) {
let session = slot.open();
session.login("12345");
// generate EC key
let keys = session.generateKeyPair(graphene.KeyGenMechanism.ECDSA, {
keyType: graphene.KeyType.ECDSA,
token: false,
derive: true,
paramsECDSA: graphene.NamedCurve.getByName("secp192r1").value
}, {
keyType: graphene.KeyType.ECDSA,
token: false,
derive: true
});
// derive algorithm
let alg = {
name: "ECDH1_DERIVE",
params: new graphene.EcdhParams(
graphene.EcKdf.SHA1,
null,
keys.publicKey.getAttribute({ pointEC: null }).pointEC)case "K-256":
valueLen = 256;
break;
case "P-384":
valueLen = 384;
break;
case "P-521":
valueLen = 534;
break;
}
// const curve = EcCrypto.getNamedCurve(baseKey.algorithm.namedCurve);
const template: graphene.ITemplate = {
token: false,
sensitive: false,
class: graphene.ObjectClass.SECRET_KEY,
keyType: graphene.KeyType.GENERIC_SECRET,
extractable: true,
encrypt: true,
decrypt: true,
valueLen: valueLen >> 3,
};
// derive key
const ecPoint = (algorithm.public as EcCryptoKey).key.getAttribute({ pointEC: null }).pointEC!;
this.crypto.session.deriveKey(
{
name: "ECDH1_DERIVE",
params: new graphene.EcdhParams(
graphene.EcKdf.NULL,
null as any,
ecPoint, // CKA_EC_POINT
),
},function create_template(session, alg, extractable, keyUsages) {
var label = "EC-" + alg.namedCurve;
var id_pk = new Buffer(utils.GUID(session));
var id_pubk = new Buffer(utils.GUID(session));
var keyType = graphene_pk11_1.KeyType.ECDSA;
return {
privateKey: {
token: !!process.env["WEBCRYPTO_PKCS11_TOKEN"],
sensitive: !!process.env["WEBCRYPTO_PKCS11_SENSITIVE"],
class: graphene_pk11_1.ObjectClass.PRIVATE_KEY,
keyType: keyType,
private: true,
label: label,
id: id_pk,
extractable: extractable,
derive: keyUsages.indexOf(key_1.KU_DERIVE) !== -1,
sign: keyUsages.indexOf(key_1.KU_SIGN) !== -1,
decrypt: keyUsages.indexOf(key_1.KU_DECRYPT) !== -1,
unwrap: keyUsages.indexOf(key_1.KU_UNWRAP) !== -1
},
publicKey: {protected createTemplate(alg: HmacKeyGenParams, extractable: boolean, keyUsages: KeyUsage[]): graphene.ITemplate {
const id = utils.GUID(this.crypto.session);
return {
token: !!process.env.WEBCRYPTO_PKCS11_TOKEN,
sensitive: !!process.env.WEBCRYPTO_PKCS11_SENSITIVE,
class: graphene.ObjectClass.SECRET_KEY,
keyType: graphene.KeyType.GENERIC_SECRET,
label: `HMAC-${alg.length << 3}`,
id,
extractable,
derive: false,
sign: keyUsages.indexOf("sign") !== -1,
verify: keyUsages.indexOf("verify") !== -1,
encrypt: keyUsages.indexOf("encrypt") !== -1 || keyUsages.indexOf("wrapKey") !== -1,
decrypt: keyUsages.indexOf("decrypt") !== -1 || keyUsages.indexOf("unwrapKey") !== -1,
wrap: keyUsages.indexOf("wrapKey") !== -1,
unwrap: keyUsages.indexOf("unwrapKey") !== -1,
};
}function create_template(session, alg, extractable, keyUsages) {
var id = utils.GUID(session);
return {
token: !!process.env["WEBCRYPTO_PKCS11_TOKEN"],
sensitive: !!process.env["WEBCRYPTO_PKCS11_SENSITIVE"],
class: graphene_pk11_1.ObjectClass.SECRET_KEY,
keyType: graphene_pk11_1.KeyType.AES,
label: "AES-" + alg.length,
id: new Buffer(id),
extractable: extractable,
derive: false,
sign: keyUsages.indexOf(key_1.KU_SIGN) !== -1,
verify: keyUsages.indexOf(key_1.KU_VERIFY) !== -1,
encrypt: keyUsages.indexOf(key_1.KU_ENCRYPT) !== -1,
decrypt: keyUsages.indexOf(key_1.KU_DECRYPT) !== -1,
wrap: keyUsages.indexOf(key_1.KU_WRAP) !== -1,
unwrap: keyUsages.indexOf(key_1.KU_UNWRAP) !== -1,
};
}
exports.create_template = create_template;protected static createTemplate(session: graphene.Session, alg: EcKeyGenParams, extractable: boolean, keyUsages: string[]): ITemplatePair {
const label = `EC-${alg.namedCurve}`;
const idKey = utils.GUID(session);
const keyType = graphene.KeyType.ECDSA;
return {
privateKey: {
token: !!process.env.WEBCRYPTO_PKCS11_TOKEN,
sensitive: !!process.env.WEBCRYPTO_PKCS11_SENSITIVE,
class: graphene.ObjectClass.PRIVATE_KEY,
keyType,
private: true,
label,
id: idKey,
extractable,
derive: keyUsages.indexOf("deriveKey") !== -1 || keyUsages.indexOf("deriveBits") !== -1,
sign: keyUsages.indexOf("sign") !== -1,
decrypt: keyUsages.indexOf("decrypt") !== -1,
unwrap: keyUsages.indexOf("unwrapKey") !== -1,
},
publicKey: {sensitive: !!process.env["WEBCRYPTO_PKCS11_SENSITIVE"],
class: graphene_pk11_1.ObjectClass.PRIVATE_KEY,
keyType: graphene_pk11_1.KeyType.RSA,
private: true,
label: label,
id: id_pk,
extractable: extractable,
derive: false,
sign: keyUsages.indexOf(key_1.KU_SIGN) !== -1,
decrypt: keyUsages.indexOf(key_1.KU_DECRYPT) !== -1,
unwrap: keyUsages.indexOf(key_1.KU_UNWRAP) !== -1
},
publicKey: {
token: !!process.env["WEBCRYPTO_PKCS11_TOKEN"],
class: graphene_pk11_1.ObjectClass.PUBLIC_KEY,
keyType: graphene_pk11_1.KeyType.RSA,
label: label,
id: id_pubk,
verify: keyUsages.indexOf(key_1.KU_VERIFY) !== -1,
encrypt: keyUsages.indexOf(key_1.KU_ENCRYPT) !== -1,
wrap: keyUsages.indexOf(key_1.KU_WRAP) !== -1,
}
};
}
var Rsa = (function (_super) {function create_template(session, alg, extractable, keyUsages) {
var label = "RSA-" + alg.modulusLength;
var id_pk = new Buffer(utils.GUID(session));
var id_pubk = new Buffer(utils.GUID(session));
return {
privateKey: {
token: !!process.env["WEBCRYPTO_PKCS11_TOKEN"],
sensitive: !!process.env["WEBCRYPTO_PKCS11_SENSITIVE"],
class: graphene_pk11_1.ObjectClass.PRIVATE_KEY,
keyType: graphene_pk11_1.KeyType.RSA,
private: true,
label: label,
id: id_pk,
extractable: extractable,
derive: false,
sign: keyUsages.indexOf(key_1.KU_SIGN) !== -1,
decrypt: keyUsages.indexOf(key_1.KU_DECRYPT) !== -1,
unwrap: keyUsages.indexOf(key_1.KU_UNWRAP) !== -1
},
publicKey: {
token: !!process.env["WEBCRYPTO_PKCS11_TOKEN"],
class: graphene_pk11_1.ObjectClass.PUBLIC_KEY,
keyType: graphene_pk11_1.KeyType.RSA,
label: label,
id: id_pubk,
verify: keyUsages.indexOf(key_1.KU_VERIFY) !== -1,graphene-pk11
A simple layer for interacting with PKCS #11 / PKCS11 / CryptoKI for Node in TypeScript
Package Health Score
63 / 100Popular graphene-pk11 functions
- graphene-pk11.AesGcm240Params
- graphene-pk11.EcdhParams
- graphene-pk11.EcKdf
- graphene-pk11.Enums
- graphene-pk11.KeyGenMechanism
- graphene-pk11.KeyGenMechanism.AES
- graphene-pk11.KeyGenMechanism.RSA
- graphene-pk11.KeyType
- graphene-pk11.KeyType.RSA
- graphene-pk11.MechanismEnum
- graphene-pk11.Module
- graphene-pk11.NamedCurve
- graphene-pk11.NamedCurve.getByName
- graphene-pk11.ObjectClass
- graphene-pk11.ObjectClass.PRIVATE_KEY
- graphene-pk11.ObjectClass.PUBLIC_KEY
- graphene-pk11.ObjectClass.SECRET_KEY
- graphene-pk11.RsaMgf
- graphene-pk11.RsaOaepParams
- graphene-pk11.RsaPssParams