%Wallet.RSA

persistent class %Wallet.RSA extends %Wallet.AsymmetricKey

SQL Table Name: %Wallet.RSA

This %Wallet.Secret type defines storage for RSA public / private key pairs.
This class supports the RSA signing, verification and encryption operations defined in %SYSTEM.Encryption. The secret must contain a public key or certificate, and may contain the corresponding private key. Operations requiring the private key (signing and decryption) require access to the collection resource (see %Wallet.Collection). Operations requring the certificate / public key (validating signatures or encryption) are not restricted.

  set sc = ##class(%Wallet.RSA).Create("RSATest.MySecret", {
  	"CertificateFile": "/x509/rsa.cer",
  	"PrivateKeyFile": "/x509/rsa.key"
  })
  
  set sig = ##class(%Wallet.RSA).SHASign("RSATest.MySecret", 256, mymessage)
  set valid = ##class(%Wallet.RSA).SHAVerify("RSATest.MySecret", 256, mymessage, sig)

Property Inventory

Length

Parameters

parameter SHA3Lengths;

parameter SHALengths;

Properties

property Length as %Integer;

The length of the modulus of the RSA key, in bits.

Property methods: LengthDisplayToLogical(), LengthGet(), LengthGetStored(), LengthIsValid(), LengthLogicalToDisplay(), LengthNormalize(), LengthSet(), LengthXSDToLogical()

Methods

classmethod Create(name As %String, ByRef properties) as %Status

Create a new secret containing an RSA public key or certificate and (optionally) the corresponding private key. Valid properties are:

Certificate

CertificateFile

PublicKey

PublicKeyFile

PrivateKey

PrivateKeyFile

Password

Length

For example:

  // create a secret from the given certificate and key files:
  set sc = ##class(%Wallet.RSA).Create("RSATest.Secret1", {
  	"CertificateFile": "/x509/rsa.cer",
  	"PrivateKeyFile": "/x509/rsa.key"
  })
  
  // generate a new RSA key pair with the given length:
  set sc = ##class(%Wallet.RSA).Create("RSATest.Secret2", {
  	"Length": 4096
  })
  
  // create a secret from the given certificate (can only be used to verify signatures or encrypt data):
  set sc = ##class(%Wallet.RSA).Create("RSATest.Secret3", {
  	"Certificate": (myCer)
  })

classmethod Decrypt(name As %String, ciphertext As %String) as %String

Decrypt the given ciphertext using the private key stored in secret name.
See %SYSTEM.Encryption RSADecrypt for details.

classmethod Encrypt(name As %String, plaintext As %String) as %String

Encrypt the given plaintext using the public key stored in secret name.
The maximum length of the plaintext is limited by the length the modulus of the RSA key.
See %SYSTEM.Encryption RSAEncrypt for details.

classmethod SHA3Sign(name As %String, bitlength As %Integer, data As %String) as %String

Sign the message data with the private key stored in secret name using the RSA-SHA-3 algorithm with the given bitlength See %SYSTEM.Encryption RSASHA3Sign for details.

classmethod SHA3Verify(name As %String, bitlength As %Integer, data As %String, signature As %String, Output error As %String) as %Boolean

Verify the signature signature and message data using the public key stored in secret name using the RSA-SHA-3 algorithm with the given bitlength. See %SYSTEM.Encryption RSASHA3Verify for details.

classmethod SHASign(name As %String, bitlength As %Integer, data As %String) as %String

Sign the message data with the private key stored in secret name using the RSA-SHA algorithm with the given bitlength See %SYSTEM.Encryption RSASHASign for details.

classmethod SHAVerify(name As %String, bitlength As %Integer, data As %String, signature As %String, Output error As %String) as %Boolean

Verify the signature signature and message data using the public key stored in secret name using the RSA-SHA algorithm with the given bitlength. See %SYSTEM.Encryption RSASHAVerify for details.

Inherited Members

Inherited Properties

Certificate

CertificateFile

HasCertificate

HasPrivateKey

Name

Password

PrivateKey

PrivateKeyFile

PublicKey

PublicKeyFile

Secret

Secret64

Inherited Methods

%%CLASSNAMELogicalToStorage()

%%CLASSNAMEStorageToLogical()

%AddToSaveSet()

%AddToSyncSet()

%BMEBuilt()

%BuildIndicesAsync()

%BuildIndicesAsyncResponse()

%CheckConstraints()

%CheckConstraintsForExtent()

%ClassIsLatestVersion()

%ClassName()

%ComposeOid()

%ConstructClone()

%Delete()

%DeleteExtent()

%DeleteId()

%DispatchClassMethod()

%DispatchGetModified()

%DispatchGetProperty()

%DispatchMethod()

%DispatchSetModified()

%DispatchSetMultidimProperty()

%DispatchSetProperty()

%Exists()

%ExistsId()

%Extends()

%GUID()

%GUIDSet()

%GetLock()

%GetParameter()

%GetSwizzleObject()

%Id()

%InitExtentData()

%InsertBatch()

%IsA()

%IsModified()

%IsNull()

%KillExtent()

%KillExtentData()

%LoadFromMemory()

%LockExtent()

%LockId()

%New()

%NormalizeObject()

%ObjectIsNull()

%ObjectModified()

%Oid()

%OnBeforeAddToSync()

%OnDeleteFinally()

%OnDetermineClass()

%OnOpenFinally()

%OnSaveFinally()

%Open()

%OpenId()

%OriginalNamespace()

%PackageName()

%PhysicalAddress()

%PurgeIndices()

%Reload()

%RemoveFromSaveSet()

%ResolveConcurrencyConflict()

%RollBack()

%Save()

%SaveDirect()

%SaveIndices()

%SerializeObject()

%SetModified()

%SortBegin()

%SortEnd()

%SyncObjectIn()

%SyncTransport()

%UnlockExtent()

%UnlockId()

%ValidateIndices()

%ValidateObject()

%ValidateTable()

Copy()

Delete()

Exists()

GetPublic()

GetSecretValue()

Modify()

NameSet()

StorageExportGet()

StorageImportSet()

XMLDTD()

XMLExport()

XMLExportToStream()

XMLExportToString()

XMLNew()

XMLSchema()

XMLSchemaNamespace()

XMLSchemaType()

Storage

Gray indicates storage defined by superclasses.
Storage Model: Storage (%Wallet.Secret)

^|$$$SecurityMapWallet|WALLET("SecretD")(ID)
=

%%CLASSNAME

Storage

Collection

Version

Storage Model: Storage (%Wallet.AsymmetricKey)

^|$$$SecurityMapWallet|WALLET("SecretD")(ID,"AsymmetricKey")
=

HasCertificate

HasPrivateKey

Storage Model: Storage (%Wallet.RSA)

^|$$$SecurityMapWallet|WALLET("SecretD")(ID,"RSA")
=

Length