Klave logo

Simple Crypto

The Simple Crypto Interface provides a simple way to manage cryptographic operations such as encryption, decryption, signing and verifying signature. Key generation and storage is managed automatically and leverage high standard cryptographic primitives (AES-GCM for encryption, ECDSA with NIST P-256 curve for signature and verification, SHA2 and SHA3 for digest).

Using Simple Crypto APIs from Applications

Data Encryption and Decryption

ClassOperationParameters: typeReturnsBehavior
Crypto.AESgenerateKeykeyName: stringResult<KeyAES, Error>Generate an AES-256 key and store it in the ledger with the keyName provided. Return a ResultSet Result<KeyAES, Error> containing either the generated KeyAES or an Error.
Crypto.AESgetKeykeyName: stringKeyAES | nullGet the key associated with the specified keyName, return null if key does not exists.
KeyAESencryptdata: ArrayBufferResult<ArrayBuffer, Error>Encrypt the data using AES-GCM. the IV is managed automatically. Return a ResultSet Result<ArrayBuffer, Error> containing the encrypted data as an ArrayBuffer or an Error.
KeyAESdecryptdata: ArrayBufferResult<ArrayBuffer, Error>Decrypt the data using AES-GCM. the IV is managed automatically. Return a ResultSet Result<ArrayBuffer, Error> containing the decrypted data as an ArrayBuffer or an Error.

the generateKey method can be used only in the context of a transaction as the generated keys are saved into the ledger.

The interface can be accessed through the Crypto.AES keyword.

import { Crypto } from '@klave/sdk';
 
/**
* @transaction
*/
export function simpleCryptoAES(): void
{
    let aes = Crypto.AES.generateKey("MyAESKey");
    let aesRes = aes.data as Crypto.KeyAES;
    let aesEncrypted = aesRes.encrypt(String.UTF8.encode("Hello World"));
    let aesDecrypted = aesRes.decrypt(aesEncrypted.data as ArrayBuffer);
}

ECDSA: Signing and verifying

ClassOperationParameters: typeReturnsBehavior
Crypto.ECDSAgenerateKeykeyName: stringResult<KeyECC, Error>Generate a NIST P-256 key and store it in the ledger with the keyName provided. Return a ResultSet Result<KeyECC, Error> containing either the generated KeyECC or an Error.
Crypto.ECDSAgetKeykeyName: stringKeyECC | nullGet the key associated with the specified keyName, return null if key does not exists.
KeyECCsigndata: ArrayBufferResult<ArrayBuffer, Error>Provide an ECDSA signature of data. Return a ResultSet Result<ArrayBuffer, Error> containing the signature as an ArrayBuffer or an Error.
KeyECCverifydata: ArrayBuffer, signature: ArrayBufferResult<VerifySignResult, Error>Verify the signature from the data provided. Return a ResultSet Result<VerifySignResult, Error> containing the signature verification VerifySignResult or an Error.

the generateKey method can be used only in the context of a transaction as the generated keys are saved into the ledger.

The interface can be accessed through the Crypto.ECDSA keyword.

import { Crypto } from '@klave/sdk';
 
/**
* @transaction
*/
export function simpleCryptoECC(): void
{
    let ecc = Crypto.ECDSA.generateKey("MyECCKey");
    let eccRes = ecc.data as Crypto.KeyECC;
    let eccSigned = eccRes.sign(String.UTF8.encode("Hello World"));
    let eccVerify = eccRes.verify(String.UTF8.encode("Hello World"), eccSigned.data as ArrayBuffer);
    let verification = eccVerify.data as SignatureVerification;
    // Validate signature : if(verification.isValid) ...
}

Making data digest

The interface can be accessed through the Crypto.SHA keyword and is compatible with SHA2 and SHA3 digest.

ClassOperationParameters: typeReturnsBehavior
Crypto.SHAdigestalgorithm: string, data: ArrayBufferResult<ArrayBuffer, Error>Generate a digest of the data based on the algorithm specified. Return a ResultSet Result<ArrayBuffer, Error> containing either the digest in an ArrayBuffer or an Error.
import { Crypto } from '@klave/sdk';
 
/**
* @query
*/
export function CryptoSHA_Test(): void
{
    let data = String.UTF8.encode("Hello World");
    let sha256 = Crypto.SHA.digest("SHA2-256", data);
    let sha384 = Crypto.SHA.digest("SHA2-384", data);
    let sha512 = Crypto.SHA.digest("SHA2-512", data);
    let sha3_256 = Crypto.SHA.digest("SHA3-256", data);
    let sha3_384 = Crypto.SHA.digest("SHA3-384", data);
    let sha3_512 = Crypto.SHA.digest("SHA3-512", data);
}
Edit on GitHub

Previous

Cryptographic APIs

Next

Subtle Crypto

On this page