From 223b6a3f4d53f7d5b5d0b9756c1eec4a5b8c862b Mon Sep 17 00:00:00 2001
From: Hans Nilsson
engine_key_ref() = #{engine := engine_ref(),
key_id := key_id(),
password => password()}
- engine_key_ref() = term()
+ engine_ref() = term()
The result of a call to
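Review bot: the map type shown in the context lines refers to key_id() and password(), but the only definition this hunk adds is engine_ref() = term(). If those two types are not defined elsewhere in the datatypes section, add entries for them here and state the accepted representation (the User's Guide examples in this patch pass strings for both). It would also help to say in words that engine and key_id are mandatory (:=) while password is optional (=>), since the guide text only says "two or three items".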
+
+
+ In addition to provide alternative cryptographic implementations, an engine could provide a storage for + private or public keys. Such a storage could be made safer than the normal file system. Such techniques are not + described in this User's Guide. Here we concentrate on how to use private or public keys stored in + such an engine. +
+
+ The storage engine must call
+ OTP/Crypto requires that the user provides two or three items of information about the key. The application used
+ by the user is usually on a higher level, for example
+ This example shows how to construct a key reference that is used in a sign operation. + The actual key is stored in the engine that is loaded at prompt 1. +
+
+1> {ok, EngineRef} = crypto:engine_load(....).
+...
+{ok,#Ref<0.2399045421.3028942852.173962>}
+2> PrivKey = #{engine => EngineRef,
+ key_id => "id of the private key in Engine"}.
+...
+3> Signature = crypto:sign(rsa, sha, <<"The message">>, PrivKey).
+<<65,6,125,254,54,233,84,77,83,63,168,28,169,214,121,76,
+ 207,177,124,183,156,185,160,243,36,79,125,230,231,...>>
+
+ + Here the signature and message in the last example is verifyed using the public key. + The public key is stored in an engine, only to exemplify that it is possible. The public + key could of course be handled openly as usual. +
+
+4> PublicKey = #{engine => EngineRef,
+ key_id => "id of the public key in Engine"}.
+...
+5> crypto:verify(rsa, sha, <<"The message">>, Signature, PublicKey).
+true
+6>
+
+ + The same example as the first sign example, except that a password protects the key down in the Engine. +
+
+6> PrivKeyPwd = #{engine => EngineRef,
+ key_id => "id of the pwd protected private key in Engine",
+ password => "password"}.
+...
+7> crypto:sign(rsa, sha, <<"The message">>, PrivKeyPwd).
+<<140,80,168,101,234,211,146,183,231,190,160,82,85,163,
+ 175,106,77,241,141,120,72,149,181,181,194,154,175,76,
+ 223,...>>
+8>
+
+
+
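Review bot: the sign and verify examples at prompts 3, 5 and 7 pass sha as the digest, which is SHA-1. Readers copy User's Guide snippets verbatim, so prefer a SHA-2 digest such as sha256 in the crypto:sign(rsa, sha, ...) calls and in the matching crypto:verify call. In the password example, password => "password" is typed as a literal at the prompt; a sentence saying that the value should be supplied by the caller at run time rather than kept in source would fit there. Wording nits in the added prose: "In addition to provide" should read "In addition to providing", and "is verifyed" should read "are verified".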