encKeyName property

String? encKeyName
getter/setter pair

The name of the key used to encrypt the AtValue.

  • If not provided, use sharedKeyEnc in this metadata.
  • If sharedKeyEnc is not provided in this metadata, use the default shared key. For example, if this is @bob and the data was shared by @alice, then @bob will use the key at @bob:shared_key@alice.
  • When encKeyName is provided, just the key name must be provided: neither the visibility prefix nor the sharedBy suffix should be included. For example, @alice might choose to encrypt some data to share with @bob at @bob:some_data.wavi@alice, using the shared key they have shared at @bob:key_12345.__shared_keys.wavi@alice. The encKeyName in this case must be provided as key_12345.__shared_keys.wavi.
  • Note: The same scheme holds for data encrypted by @bob for @bob's own use. In this case we don't call it a "shared" key but instead we call it a "self" encryption key.
  • Note that the legacy default self encryption key is not stored in the keyStore but is kept in the set of keys held by applications.
  • In future we will (1) store the self encryption key in the keyStore, encrypted with one of our encryption public keys, and (2) allow creation of many 'self' encryption keys and store them in an application namespace. For example @bob might create a self encryption key at key_54321.__self_keys.wavi@bob; if used to encrypt some data for self, then the encKeyName would be set to key_54321.__self_keys.wavi since the sharedBy of the encrypting key will be the same as the sharedBy of the encrypted key.
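
The lookup order described in the list above, as an added example that is not part of at_commons or any atPlatform library. The enum, class and function names are hypothetical, and the rule that a bare key name contains neither '@' nor ':' is an assumption used here to reject names that still carry a visibility prefix or sharedBy suffix.

```dart
// Added illustration: every name here is hypothetical, not at_commons API.
enum KeySource { namedKey, inlineSharedKeyEnc, defaultSharedKey, legacySelfKey }

class ResolvedKey {
  final KeySource source;
  final String? location; // null when the key is not fetched by location
  const ResolvedKey(this.source, [this.location]);
  @override
  String toString() => '${source.name}: ${location ?? '(no location)'}';
}

/// Applies the documented order: encKeyName, then sharedKeyEnc, then default.
ResolvedKey resolveEncKey({
  required String reader, // atSign decrypting the value, e.g. '@bob'
  required String sharedBy, // atSign that encrypted it, e.g. '@alice'
  String? encKeyName,
  String? sharedKeyEnc,
}) {
  final isSelf = reader == sharedBy;
  if (encKeyName != null) {
    // Assumption: a bare key name never contains '@' or ':', so either
    // character means a visibility prefix or sharedBy suffix slipped in.
    if (encKeyName.isEmpty || encKeyName.contains(RegExp('[@:]'))) {
      throw FormatException('encKeyName must be a bare key name', encKeyName);
    }
    // Self keys carry no visibility prefix; shared keys are prefixed 'reader:'.
    final prefix = isSelf ? '' : '$reader:';
    return ResolvedKey(KeySource.namedKey, '$prefix$encKeyName$sharedBy');
  }
  if (sharedKeyEnc != null) return const ResolvedKey(KeySource.inlineSharedKeyEnc);
  // The legacy default self key is held by the application, not the keyStore.
  if (isSelf) return const ResolvedKey(KeySource.legacySelfKey);
  return ResolvedKey(KeySource.defaultSharedKey, '$reader:shared_key$sharedBy');
}

void main() {
  print(resolveEncKey(reader: '@bob', sharedBy: '@alice',
      encKeyName: 'key_12345.__shared_keys.wavi'));
  print(resolveEncKey(reader: '@bob', sharedBy: '@alice'));
  print(resolveEncKey(reader: '@bob', sharedBy: '@bob',
      encKeyName: 'key_54321.__self_keys.wavi'));
  try {
    // Constructed bad input: full key path instead of the bare name.
    resolveEncKey(reader: '@bob', sharedBy: '@alice',
        encKeyName: '@bob:key_12345.__shared_keys.wavi@alice');
  } on FormatException catch (e) {
    print('rejected: ${e.message}');
  }
}
```

Validating the name before building the location keeps a value taken from received metadata from steering the lookup to a key outside the expected @reader:...@sharedBy pair.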

Implementation

String? encKeyName;