Key Agreement

Uses the Diffie-Hellman algorithm to agree on an encryption key between client and server. The agreed key can then be used to encrypt and decrypt sensitive information.

Request
URI
POST
https://{api_host}/rest/key-agreement
Request Body
ClientKeyDerivationSpec of type(s) application/json
Required
{
    "identifier": "V2luZG93c0xPQ0FUSU9OSUQ6NTIyNTI0NTM0NTM0NjM0MzQ2MzYzNDYzNjc1MzI0NjUyMzY3NDUyNzY1NDIzNjc1NDY3MjM1NDI0Mw==",
    "nonce": "DaY+kne1X2B6h8a4gLZu2w==",
    "public_key": "<public key>",
    "supported_schemes": [
        "SCHEME-AES2"
    ]
}
string (byte)
identifier
Required

Identifier as Base64 encoded binary data.

string (byte)
nonce
Required

Nonce as Base64 encoded binary data.

string (byte)
public_key
Required

Diffie-Hellman public key as Base64 encoded binary data.

array of string
supported_schemes
Required

List of client supported schemes for key derivation.

Possible values are: SCHEME-AES1, SCHEME-AES2, SCHEME-EC-AES1, SCHEME-EC-AES2
Authentication
This operation uses the following authentication methods.
Responses
200

OK

Returns ServerKeyDerivationInfo of type(s) */*
{
    "client_reference_id": "855ea6c5-720a-41e1-96f4-958c90e6e424",
    "identifier": "QnJva2Vy",
    "proof": "qck2eXsbiOpFJMGKEBzyPTidLwwCzsG8PgvyncQpeZU=",
    "public_key": "<public key>",
    "scheme": "SCHEME-AES2"
}
string
client_reference_id
Optional

Client reference identifier. It must be passed as a query parameter to the login API to enable decryption of encrypted sensitive information.

string (byte)
identifier
Optional

Identifier as Base64 encoded binary data.

string (byte)
proof
Optional

Proof as Base64 encoded binary data.

string (byte)
public_key
Optional

Diffie-Hellman public key as Base64 encoded binary data.

string
scheme
Optional

Selected scheme for key derivation.

  • SCHEME_AES1: Diffie-Hellman algorithm used by low power clients.
  • SCHEME_AES2: Diffie-Hellman algorithm used by high power clients.
  • SCHEME_EC_AES1: Elliptic-curve Diffie-Hellman algorithm used by low power clients.
  • SCHEME_EC_AES2: Elliptic-curve Diffie-Hellman algorithm used by high power clients.
Possible values are: SCHEME-AES1, SCHEME-AES2, SCHEME-EC-AES1, SCHEME-EC-AES2

400

Bad Request

Operation doesn't return any data structure
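
Client-side handling of the request and the 200 response documented above, as an added example that is not the API vendor's code: it builds the ClientKeyDerivationSpec body and rejects a ServerKeyDerivationInfo whose scheme the client never offered or whose Base64 fields do not decode. The function names and the 16-byte nonce length are assumptions; proof verification and key derivation are left out because this page does not define them.

```python
import base64
import binascii
import os

# Scheme names exactly as listed under "Possible values" on this page.
KNOWN_SCHEMES = ("SCHEME-AES1", "SCHEME-AES2", "SCHEME-EC-AES1", "SCHEME-EC-AES2")
RESPONSE_FIELDS = ("client_reference_id", "identifier", "proof", "public_key", "scheme")


def _b64(data: bytes) -> str:
    return base64.b64encode(data).decode("ascii")


def build_request(identifier: bytes, public_key: bytes, schemes, nonce: bytes = None) -> dict:
    """Build a ClientKeyDerivationSpec body; all four fields are Required."""
    if not identifier or not public_key:
        raise ValueError("identifier and public_key must be non-empty")
    if not schemes or any(s not in KNOWN_SCHEMES for s in schemes):
        raise ValueError(f"invalid supported_schemes: {schemes!r}")
    if nonce is None:
        # Assumption: 16 random bytes, the length of the page's sample nonce.
        nonce = os.urandom(16)
    return {
        "identifier": _b64(identifier),
        "nonce": _b64(nonce),
        "public_key": _b64(public_key),
        "supported_schemes": list(schemes),
    }


def check_response(request: dict, response: dict) -> dict:
    """Validate a ServerKeyDerivationInfo before any key is derived from it."""
    # Every response field is documented as Optional, so check presence first.
    missing = [f for f in RESPONSE_FIELDS if not response.get(f)]
    if missing:
        raise ValueError(f"response is missing fields: {missing}")
    # Reject a scheme the client never offered (downgrade or substitution).
    if response["scheme"] not in request["supported_schemes"]:
        raise ValueError(f"server selected unoffered scheme {response['scheme']!r}")
    checked = {"scheme": response["scheme"],
               "client_reference_id": response["client_reference_id"]}
    for field in ("identifier", "proof", "public_key"):
        try:
            checked[field] = base64.b64decode(response[field], validate=True)
        except (binascii.Error, ValueError, TypeError) as exc:
            raise ValueError(f"{field} is not valid Base64") from exc
    return checked
```

Call `check_response` with the exact request dict that was sent, so the offered scheme list cannot drift between sending and checking.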