securestore
The securestore object provides a mechanism for securely storing customer data within the player. Data held in the securestore are encrypted using root keys which are held securely within the player hardware and are unique to each unit. In general, the securestore is used to hold a second-level key which in turn is used for subsequent decryption. The key itself cannot be retrieved, but the user can ask the securestore to perform decryption using it.
The capacity of the securestore is limited and customers should not store more than 256kB of keys.
securestore IDL
interface SecureStore {
    Promise<void> writePkcs8DecryptionKey(String name, Array<byte> data);
    Promise<Array<byte>> decryptWithPkcs8Key(String name, String algorithm, String hash, Array<byte> data);
    Promise<void> eraseSecureStore();
};
Object Creation
To create a securestore object, load the @brightsign/securestore module using the Node.js® require() method:
var securestoreClass = require("@brightsign/securestore");
var securestore = new securestoreClass();
SecureStore
writePkcs8DecryptionKey()
Promise<void> writePkcs8DecryptionKey(String name, Array<byte> data)
Writes the key in PKCS#8 format to the securestore.
name
string: The filename of the key within the secure store.
data
Array: The key as a Uint8 data array.
decryptWithPkcs8Key()
Decrypts a data array using the designated key stored in the securestore and using the designated algorithm and hash.
name
string: The filename of the key within the secure store.
algorithm
string: For the moment, the only algorithm supported is "RSA-OAEP".
hash
string: Hash values can be any of the following: "SHA-1", "SHA-256", "SHA-384" or "SHA-512".
data
Array: Uint8Array data
eraseSecureStore()
Completely deletes the securestore.
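The following end-to-end sketch of the three calls is an added example, not code from BrightSign's documentation. StandInSecureStore, makeKeyPair, encryptForPlayer, the key name and the payload are hypothetical, and the PKCS#8 key is assumed to be DER-encoded; the stand-in mimics the interface above with Node's crypto module so the flow can be run off-device.

```javascript
const crypto = require("crypto");
const OAEP = crypto.constants.RSA_PKCS1_OAEP_PADDING;
const nodeHash = (h) => h.replace("-", "").toLowerCase(); // "SHA-256" -> "sha256"

// Stand-in (assumption) with the securestore interface so this runs off-device.
// On a player: const store = new (require("@brightsign/securestore"))();
class StandInSecureStore {
  constructor() { this.keys = new Map(); }
  async writePkcs8DecryptionKey(name, data) {
    const key = crypto.createPrivateKey({ key: Buffer.from(data), format: "der", type: "pkcs8" });
    this.keys.set(name, key);
  }
  async decryptWithPkcs8Key(name, algorithm, hash, data) {
    if (algorithm !== "RSA-OAEP") throw new Error("unsupported algorithm");
    if (!this.keys.has(name)) throw new Error("no such key: " + name);
    const opts = { key: this.keys.get(name), padding: OAEP, oaepHash: nodeHash(hash) };
    return new Uint8Array(crypto.privateDecrypt(opts, Buffer.from(data)));
  }
  async eraseSecureStore() { this.keys.clear(); }
}

// Provisioning host: generate the pair, export the private half as PKCS#8 DER
// (assumed encoding), keep the public half for encrypting data for the player.
function makeKeyPair() {
  const { publicKey, privateKey } = crypto.generateKeyPairSync("rsa", { modulusLength: 2048 });
  return { publicKey, pkcs8: new Uint8Array(privateKey.export({ type: "pkcs8", format: "der" })) };
}

// Sender: RSA-OAEP encrypt; the hash must match the one passed to decryptWithPkcs8Key().
function encryptForPlayer(publicKey, plaintext, hash) {
  const opts = { key: publicKey, padding: OAEP, oaepHash: nodeHash(hash) };
  return new Uint8Array(crypto.publicEncrypt(opts, Buffer.from(plaintext)));
}

const outcome = (p) => p.then(() => "decrypted", () => "rejected");

async function demo(store = new StandInSecureStore()) {
  const name = "example.key";                   // constructed key name
  const secret = Buffer.from("constructed sample payload");
  const { publicKey, pkcs8 } = makeKeyPair();
  const ct = encryptForPlayer(publicKey, secret, "SHA-256");
  await store.writePkcs8DecryptionKey(name, pkcs8);
  const pt = await store.decryptWithPkcs8Key(name, "RSA-OAEP", "SHA-256", ct);
  const wrongHash = await outcome(store.decryptWithPkcs8Key(name, "RSA-OAEP", "SHA-1", ct));
  await store.eraseSecureStore();
  const afterErase = await outcome(store.decryptWithPkcs8Key(name, "RSA-OAEP", "SHA-256", ct));
  return { roundTrip: Buffer.from(pt).equals(secret), wrongHash, afterErase };
}

demo().then((r) => console.log(r));
```

On hardware, pass the player's securestore object to demo() in place of the stand-in; this page does not state whether the player expects DER or PEM bytes, so confirm the encoding before provisioning.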
Examples
Write example:
Decrypt example:
Delete example: