License Key Generation and ECDSA Specifications

Modified on Fri, 9 Feb, 2024 at 1:22 AM

Introduction

This document provides details on License key generation, which is managed internally by 1Kosmos. 

License key generation 

Any time a license key is required, the Client team would need to contact their respective Customer Success Manager and provide all the necessary details. The SLA to provide a license key is 48 hours. 

The following details need to be collected before submitting a request:

  1. Provide an expiry date for the license key requested
    • When unspecified, the default value set is 2 years
  2. Authorized point of contact's email address from the Client 
    • License key would be sent via email only to an authorized client representative

API encryption

All 1Kosmos APIs require encryption of at least one parameter to initiate a transaction. The following cryptographic algorithms are used within the BlockID ecosystem:

  • Advanced Encryption Standard (AES) 
    • AES is a symmetric block cipher used for information protection.
  • Elliptic Curve Diffie-Hellman (ECDH) 
    • ECDH Key Exchange is an asymmetric algorithm used for key exchange
  • Elliptic Curve Digital Signature Algorithm (ECDSA)
    • ECDSA is an asymmetric algorithm used for digital signatures

Our specification for the ECDSA key is secp256k1. The following example commands generate the ECDSA keys:


# Generate the private and public keys
openssl ecparam -name secp256k1 -genkey -noout | openssl ec -text -noout > key
# Extract the public key and remove the EC prefix 0x04
cat key | grep pub -A 5 | tail -n +2 | tr -d '\n[:space:]:' | sed 's/^04//' > pub
# Extract the private key and remove the leading zero byte
cat key | grep priv -A 3 | tail -n +2 | tr -d '\n[:space:]:' | sed 's/^00//' > priv
# Generate the hash and take the address part
cat pub | keccak-256sum -x -l | tr -d ' -' | tail -c 41 > address

Specification for creating the shared key

  • The shared key between both parties in the transaction is created using ECDH. The curve used for ECDH is secp256k1.

Specification for Encrypting Data

  • Once a shared key is generated, the data packet needs to be encrypted. The data packet is encrypted using AES 256 and sent to the receiving party. The algorithm for encrypting the data packet is aes-256-gcm.

Key Management

  • Elliptic-curve Diffie–Hellman (ECDH) is a key agreement protocol that allows any two nodes in the BlockID ecosystem, each having an elliptic-curve public–private key pair, to establish a shared secret over an insecure channel. Because a secret key is established dynamically for each transaction, there are no restrictions on key rotation, except that the parties must use the same keys for the particular transaction for which a secret was established. This means that a calling application could choose to establish a unique public/private key pair for each transaction.
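
The flow described in the three specifications above (ECDH over secp256k1, then aes-256-gcm with a per-transaction key pair), as an added example using Node.js's built-in crypto module; it is not 1Kosmos code. The HKDF-SHA256 derivation step, the "example-transaction" label and the { iv, tag, ciphertext } packet layout are assumptions, since the page does not specify how the shared secret becomes the AES key or how the packet is framed.

```javascript
// Added example: ECDH (secp256k1) -> AES-256-GCM with Node's built-in crypto.
// Assumptions (not from the page): HKDF-SHA256 key derivation, the info label,
// and the { iv, tag, ciphertext } packet layout.
const crypto = require('crypto');

// Each party creates a fresh secp256k1 key pair for the transaction.
function newParty() {
  const ecdh = crypto.createECDH('secp256k1');
  ecdh.generateKeys();
  return ecdh;
}

// ECDH shared secret -> 32-byte AES-256 key (the HKDF step is an assumption).
function deriveKey(ownEcdh, peerPublicKey) {
  const secret = ownEcdh.computeSecret(peerPublicKey);
  const okm = crypto.hkdfSync('sha256', secret, Buffer.alloc(0), 'example-transaction', 32);
  return Buffer.from(okm);
}

function encrypt(key, plaintext) {
  const iv = crypto.randomBytes(12); // never reuse an IV with the same key
  const cipher = crypto.createCipheriv('aes-256-gcm', key, iv);
  const ciphertext = Buffer.concat([cipher.update(plaintext, 'utf8'), cipher.final()]);
  return { iv, tag: cipher.getAuthTag(), ciphertext };
}

// Throws if the ciphertext, IV or tag was modified in transit.
function decrypt(key, { iv, tag, ciphertext }) {
  const decipher = crypto.createDecipheriv('aes-256-gcm', key, iv);
  decipher.setAuthTag(tag);
  return Buffer.concat([decipher.update(ciphertext), decipher.final()]).toString('utf8');
}

// Constructed sample exchange: only public keys cross the channel.
function demo() {
  const caller = newParty();
  const service = newParty();
  const callerKey = deriveKey(caller, service.getPublicKey());
  const serviceKey = deriveKey(service, caller.getPublicKey());
  const packet = encrypt(callerKey, '{"sample":"constructed payload"}');
  const received = decrypt(serviceKey, packet);
  const tampered = { ...packet, ciphertext: Buffer.from(packet.ciphertext) };
  tampered.ciphertext[0] ^= 0x01; // flip one bit to simulate modification
  let rejected = false;
  try { decrypt(serviceKey, tampered); } catch (e) { rejected = true; }
  return { keysMatch: callerKey.equals(serviceKey), received, rejected };
}
console.log(demo());
```

Node's getPublicKey() returns the uncompressed point including the 0x04 prefix that the openssl commands above strip, so the prefix has to be restored before passing a stripped key to computeSecret().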


Support

If you need any clarifications or further assistance, reach out to your assigned Customer Success Manager.

