@dfinity/vetkeys - v0.1.0
    Preparing search index...

    A VetKey (verifiably encrypted threshold key)

    This is the end product of executing the VetKD protocol.

    Internally a VetKey is a valid BLS signature for the bytestring input which provided when calling the vetkd_derive_encrypted_key management canister interface.

    For certain usages, such as a beacon, the VetKey is actually used directly. However the more common usage of VetKD protocol is for distribution of encryption keys (eg AES keys to encrypt content).

    Index

    Methods

    • Derive a symmetric key of the requested length from the VetKey

      As an alternative to this function consider using asDerivedKeyMaterial, which uses the WebCrypto API and prevents export of the underlying key.

      The domainSep parameter should be a string unique to your application and also your usage of the resulting key. For example say your application "my-app" is deriving two keys, one for usage "foo" and the other for "bar". You might use as domain separators "my-app-foo" and "my-app-bar".

      Parameters

      • domainSep: string | Uint8Array<ArrayBufferLike>
      • outputLength: number

      Returns Uint8Array

    • Return the VetKey bytes, aka the BLS signature

      Use the raw bytes only if your design makes use of the fact that VetKeys are BLS signatures (eg for random beacon or threshold BLS signature generation). If you are using VetKD for key distribution, instead use deriveSymmetricKey or asHkdfCryptoKey

      Returns Uint8Array

    • Deserialize a VetKey from the 48 byte encoding of the BLS signature

      This deserializes the same value as returned by signatureBytes

      Parameters

      • bytes: Uint8Array

      Returns VetKey