Myna.KeyStore

Manages key sets and encrypts, decrypts, signs, and verifies data.

A KeyStore is a named collection of encryption keys and metadata.  KeyStores can be used for encryption/decryption (purpose: "crypt") or signing/verifying data (purpose: "sign").  See create for more information.

Any number of keys can be generated.  Keys have the following statuses:

PRIMARY: The currently active key that will be used for signing/encrypting.  Only one key can be primary.
ACTIVE: This key can be used to decrypt/verify cyphertext or a signature previously generated with this key.  Any number of keys can be active.
INACTIVE: This key can be used to decrypt/verify cyphertext or a signature previously generated with this key.  Any number of keys can be inactive.

You can use the promote and demote functions to alter the status of keys.

Encrypting/Signing String values produces String output.
Encrypting/Signing Binary (byte[]) values produces Binary (byte[]) output.

Example

var ks = new Myna.KeyStore("test_crypt");
ks.create("crypt"); // purpose is a string: "crypt" or "sign"
ks.addKey("primary"); //version 1
ks.addKey(); //status: ACTIVE, version 2
ks.addKey(); //status: ACTIVE, version 3

ks.demote(1); //makes key 1 ACTIVE, now there is no PRIMARY key
ks.promote(2); //makes key 2 PRIMARY,

var ct = ks.encrypt("Super secret type information");
Myna.println("cypher = " + ct);
ks.promote(3); // makes key 3 PRIMARY, key 2 is demoted to ACTIVE

// this works because the key number is embedded in the cyphertext, so
// KeyStore knows to use key 2 for decryption
var pt = ks.decrypt(ct);
Myna.println("plain = " + pt);
Myna.printDump(ks.getKeyInfo());

Myna.print("<h2>public key crypto test</h2>");
var ks = new Myna.KeyStore("test_private");
ks.create("crypt", true); // asymmetric: creates a private/public keystore
ks.addKey("primary");

var publicKeys = ks.exportPublicKeys();

//this part is normally done on a separate Myna instance, the "client"

var pks = new Myna.KeyStore("test_public1");
pks.importPublicKeys(publicKeys);

//encrypt with public key
var ct = pks.encrypt("woot!");
Myna.println("cypher = " + ct);

//decrypt with private key
var pt = ks.decrypt(ct);
Myna.println("plain = " + pt);
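
The first example works because the key number travels with the cyphertext. As an added illustration (not Myna's code and not its actual cyphertext format), this Node.js sketch models that design with a hypothetical KeyRing class and an assumed header layout, showing why old cyphertext stays readable after rotation and becomes unrecoverable after revoke.

```javascript
// Added sketch (Node.js), not Myna code: models a versioned key ring.
// Assumed wire format: keyNum(1) | IV(12) | GCM tag(16) | ciphertext.
const nodeCrypto = require("crypto");

class KeyRing { // hypothetical name
  constructor() { this.keys = new Map(); this.next = 1; }
  // status: "primary", "active" or "inactive"; only one key is PRIMARY
  addKey(status = "active") {
    if (status === "primary") this.demotePrimary();
    this.keys.set(this.next, { key: nodeCrypto.randomBytes(32), status });
    return this.next++;
  }
  demotePrimary() {
    for (const k of this.keys.values()) if (k.status === "primary") k.status = "active";
  }
  promote(n) { // INACTIVE -> ACTIVE -> PRIMARY
    const k = this.keys.get(n);
    if (k.status === "inactive") k.status = "active";
    else if (k.status === "active") { this.demotePrimary(); k.status = "primary"; }
  }
  revoke(n) { this.keys.delete(n); } // ciphertext under key n is now lost
  encrypt(text) {
    const entry = [...this.keys].find(([, k]) => k.status === "primary");
    if (!entry) throw new Error("no PRIMARY key");
    const [num, { key }] = entry;
    const iv = nodeCrypto.randomBytes(12);
    const c = nodeCrypto.createCipheriv("aes-256-gcm", key, iv);
    c.setAAD(Buffer.from([num])); // authenticate the key number too
    const body = Buffer.concat([c.update(text, "utf8"), c.final()]);
    return Buffer.concat([Buffer.from([num]), iv, c.getAuthTag(), body]).toString("base64");
  }
  decrypt(b64) {
    const buf = Buffer.from(b64, "base64");
    const k = this.keys.get(buf[0]); // key number comes from the header
    if (!k) throw new Error("key " + buf[0] + " is not in the key ring");
    const d = nodeCrypto.createDecipheriv("aes-256-gcm", k.key, buf.subarray(1, 13));
    d.setAAD(buf.subarray(0, 1));
    d.setAuthTag(buf.subarray(13, 29));
    return Buffer.concat([d.update(buf.subarray(29)), d.final()]).toString("utf8");
  }
}

// Constructed demo: encrypt under key 1, rotate to key 2, then decrypt.
const ring = new KeyRing();
ring.addKey("primary"); ring.addKey();
const oldCt = ring.encrypt("Super secret type information");
ring.promote(2);
console.log(ring.decrypt(oldCt));
```

Binding the key number as authenticated data means a tampered header fails decryption instead of silently selecting a different key.
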
Summary
Myna.KeyStore: Manages key sets and encrypts, decrypts, signs, and verifies data.
Functions and Properties
Myna.KeyStore: Constructor function for KeyStore class
name: name of this KeyStore
exists: true if this keystore has been created.
init: Initializes the keystore from the database.
create: Creates this KeyStore and sets its type
addKey: generate a new key in this keystore
promote: increase the status of a key
demote: decrease the status of a key
revoke: permanently removes a key
importPublicKeys: import a public keystore as generated by exportPublicKeys
exportPublicKeys: export a set of public keys that match this keystore
getKeyInfo: returns an object containing metadata for this KeyStore
encrypt: encrypts data with this KeyStore
decrypt: decrypts data with this KeyStore
sign: signs data with this KeyStore
verify: verifies that data matches sig with this KeyStore

Functions and Properties

Myna.KeyStore

Myna.KeyStore = function(name)

Constructor function for KeyStore class

Parameters

name: Optional, default null. A name for this keystore.  This should be defined unless you intend to importPublicKeys

name

name of this KeyStore

exists

true if this keystore has been created.

see

init

Myna.KeyStore.prototype.init = function()

Initializes the keystore from the database.

Should not be called directly

create

Myna.KeyStore.prototype.create = function(purpose, asymmetric)

Creates this KeyStore and sets its type

Parameters

purpose: "crypt" or "sign"
asymmetric: Optional, default false. If true, this creates a private/public keystore.

See

addKey

Myna.KeyStore.prototype.addKey = function(status)

generate a new key in this keystore

Parameters

status: Optional, default ACTIVE. One of "primary", "active", "inactive"

See

promote

Myna.KeyStore.prototype.promote = function(keyNum)

increase the status of a key

INACTIVE -> ACTIVE -> PRIMARY

demote

Myna.KeyStore.prototype.demote = function(keyNum)

decrease the status of a key

PRIMARY -> ACTIVE -> INACTIVE

revoke

Myna.KeyStore.prototype.revoke = function(keyNum)

permanently removes a key

Use this only for compromised keys!  Any data encrypted with this key will be lost!

importPublicKeys

Myna.KeyStore.prototype.importPublicKeys = function(pkjson)

import a public keystore as generated by exportPublicKeys

Parameters

pkjson: a JSON string containing a set of public keys generated by exportPublicKeys

This function should only be called in a new KeyStore object

exportPublicKeys

Myna.KeyStore.prototype.exportPublicKeys = function()

export a set of public keys that match this keystore

This function is only valid on asymmetric KeyStores

getKeyInfo

Myna.KeyStore.prototype.getKeyInfo = function()

returns an object containing metadata for this KeyStore

encrypt

Myna.KeyStore.prototype.encrypt=function(data)

encrypts data with this KeyStore

Parameters

data: data to encrypt.  Can be either a String or a byte array.  The output will be the same type as the input

This function is only valid on “crypt” KeyStores.

decrypt

Myna.KeyStore.prototype.decrypt=function(cypherText)

decrypts data with this KeyStore

Parameters

cypherText: data to decrypt.  Can be either a String or a byte array.  The output will be the same type as the input

This function is only valid on “crypt” KeyStores.

sign

Myna.KeyStore.prototype.sign=function(data)

signs data with this KeyStore

Parameters

data: data to sign.  Can be either a String or a byte array.  The output will be the same type as the input

This function is only valid on “sign” KeyStores.

verify

Myna.KeyStore.prototype.verify=function(data, sig)

verifies that data matches sig with this KeyStore

Parameters

data: data to verify.  Can be either a String or a byte array, but must match sig.
sig: signature to verify.  Can be either a String or a byte array, but must match data.

This function is only valid on “sign” KeyStores.
