Skip to main content

Local key

With a local key approach, our customers generate, store and use cryptographic keys within a single device or system. In other words, the keys are managed locally on the device or system rather than being managed by a cloud solution nor BLOOCK.

It is commonly used in situations where the device or system needs to operate independently or offline, without relying on external resources to manage its keys.

In local key management, keys are typically generated on the device or system and stored in a secure location, such as a secure element or a trusted platform module (TPM). The keys are used within the device or system, and should never be shared with external entities.

This approach requires careful consideration of security measures to prevent unauthorized access to the keys. It is important to use strong cryptographic algorithms and key lengths, protect the keys from physical tampering or theft, and implement secure storage and backup mechanisms.

Overall, local key management can provide a secure and reliable way to manage cryptographic keys for devices and systems that operate independently or offline. However, it requires careful planning and implementation to ensure that the keys remain secure and protected.

Generating a local key

import { KeyClient, KeyType } from '@bloock/sdk';

const keyClient = new KeyClient();

// Generate a EcP256k key
let _key = await keyClient.newLocalKey(KeyType.EcP256k);

// Generate a Rsa2048 key
_key = await keyClient.newLocalKey(KeyType.Rsa2048);

// Generate a Rsa3072 key
_key = await keyClient.newLocalKey(KeyType.Rsa3072);

// Generate a Rsa4096 key
_key = await keyClient.newLocalKey(KeyType.Rsa4096);

// Generate a Aes128 key
_key = await keyClient.newLocalKey(KeyType.Aes128);

// Generate a Aes256 key
_key = await keyClient.newLocalKey(KeyType.Aes256);

// Generate a BJJ key
_key = await keyClient.newLocalKey(KeyType.Bjj);

Loading an existing local key

import { KeyClient, KeyType } from '@bloock/sdk';

const keyClient = new KeyClient();

// Load a EcP256k key
let _key = await keyClient.loadLocalKey(KeyType.EcP256k, 'private key');

// Load a Rsa2048 key
_key = await keyClient.loadLocalKey(KeyType.Rsa2048, 'private key');

// Load a Rsa3072 key
_key = await keyClient.loadLocalKey(KeyType.Rsa3072, 'private key');

// Load a Rsa4096 key
_key = await keyClient.loadLocalKey(KeyType.Rsa4096, 'private key');

// Load a Aes128 key
_key = await keyClient.loadLocalKey(KeyType.Aes128, 'password');

// Load a Aes256 key
_key = await keyClient.loadLocalKey(KeyType.Aes256, 'password');

// Load a BJJ key
_key = await keyClient.loadLocalKey(KeyType.Bjj, 'private key');