Set of keys used by AccessManager.

interface Keys {
    memberVerifier?: Verifier;
    ownKdkDecrypter: NamedDecrypter<any>;
    ownKdkEncrypter: NamedEncrypter<any>;
    ownKdkVerifier?: Verifier;
    signer: Signer;
}

Properties

memberVerifier?: Verifier

Verifier for member RSA-OAEP certificates.

Remarks

This is only used if a Name would be passed to KekHandle.grant function. If unspecified, KekHandle.grant does not accept Name.

ownKdkDecrypter: NamedDecrypter<any>

Decrypter for own KDK.

ownKdkEncrypter: NamedEncrypter<any>

Encrypter for own KDK.

ownKdkVerifier?: Verifier

Verifier for own KDK.

Remarks

This is only needed if Options.dataStore cannot be trusted (e.g. it's a network based repo). Otherwise, no verification is needed.

signer: Signer

Signer for KEK, KDK, and KDK SafeBag.

Generated using TypeDoc