• Create the recovery information.

    This encrypts the secret with a newly generated symmetric key. That key is then encrypted together with identifying properties, so that only the owner of the secret part matching recoveryServicePublicKey can decrypt it.

    Parameters

    • recoveryServicePublicKey: Uint8Array

      The public key used to encrypt the key that can be used to decrypt the original secret.

    • secret: string | Uint8Array

      The secret to encrypt.

    • identity: string

      The identity string that is bundled with the key, so that the recovery service knows which person should be allowed to receive the decryption key for the original secret.

    • encryptedSecretSize: number = 1024

      The final size of the encrypted secret. This limits the length of the secret to (encryptedSecretSize - 1). This is needed so that the length of the original secret cannot be inferred from the length of the encrypted payload.

    • bundledEncryptedRecoveryInformationSize: number = 1024

      The final size of the encrypted recovery information. This limits the length of identity to approximately (bundledEncryptedRecoveryInformationSize - 50). This is needed so that the length of the identity field cannot be inferred from the length of the encrypted payload.

    Returns {
        bundledEncryptedRecoveryInformation: BundledEncryptedRecoveryInformation;
        encryptedSecret: HexString;
    }

    An encrypted secret that should be stored locally, and the bundled recovery information that should be sent to the recovery server when the secret has been forgotten.
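
The length-hiding effect of encryptedSecretSize, shown as an added example that is not the library's own code. The padding scheme (a 0x80 marker followed by zero bytes) and the names padToFixedSize and unpad are assumptions chosen to match the (encryptedSecretSize - 1) limit; the page does not say how the library pads.

```javascript
// Added example, not library code. Assumed scheme: ISO/IEC 7816-4 style
// padding (one 0x80 marker byte, then zeros up to the fixed size).
const MARKER = 0x80;

// Accept the same input types as the documented `secret` parameter.
function toBytes(secret) {
  return typeof secret === "string" ? new TextEncoder().encode(secret) : secret;
}

// Pad `secret` to exactly `size` bytes before encryption, so every
// ciphertext has the same length whatever the secret's length is.
function padToFixedSize(secret, size = 1024) {
  const data = toBytes(secret);
  // One byte is reserved for the marker, hence the (size - 1) limit.
  if (data.length > size - 1) {
    throw new RangeError(`secret is ${data.length} bytes, limit is ${size - 1}`);
  }
  const out = new Uint8Array(size); // zero-filled by default
  out.set(data, 0);
  out[data.length] = MARKER;
  return out;
}

// Reverse the padding. Call this only on plaintext that has already
// passed authenticated decryption, so padding errors are not an oracle.
function unpad(padded) {
  let i = padded.length - 1;
  while (i >= 0 && padded[i] === 0x00) i--; // skip trailing zeros
  if (i < 0 || padded[i] !== MARKER) {
    throw new Error("invalid padding");
  }
  return padded.slice(0, i); // bytes before the marker are the secret
}

// Constructed sample secrets of very different lengths.
function paddedLengths(secrets, size = 1024) {
  return secrets.map((s) => padToFixedSize(s, size).length);
}
```

A secret of exactly encryptedSecretSize bytes is rejected rather than truncated, which keeps the round trip lossless.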