Encryption

The Ably.Rest.Crypto object exposes the following public methods:

Crypto.getDefaultParams(Object params): CipherParams

This call obtains a CipherParams object using the values passed in (which must be a subset of CipherParams fields that at a minimum includes a key), filling in any unspecified fields with default values, and checks that the result is a valid and self-consistent.<span lang=β€œgo”>returns a CipherParams object with fields set to default values. This generates random secret key and initialization vector (iv) values.

You will rarely need to call this yourself, since the client library will handle it for you if you specify cipher params when initializing a channel (as in the example at the top) or when setting channel options with channel#setOptions.

Parameters

params
The cipher params that you want to specify. It must at a minimum include a key, which should be either a binary (ArrayBuffer or Uint8Array) or a base64-encoded String.

Returns

On success, the method returns a complete CipherParams object. Failure will raise an exception.

Example

JavaScript v2.9
const cipherParams = Ably.Rest.Crypto.getDefaultParams({ key: <key> }); const channelOpts = { cipher: cipherParams }; const channel = rest.channels.get('gem-gin-cab', channelOpts);
Copied!

Crypto.generateRandomKey(Number keyLength?): Promise<ArrayBuffer>

This call obtains a randomly-generated binary key of the specified key length.

Parameters

keyLength
Optional number with the length of key to generate. For AES, this should be either 128 or 256. If unspecified, defaults to 256.

Returns

Returns a promise. On success, the promise is fulfilled with the generated key as an ArrayBuffer. On failure, the promise is rejected with an ErrorInfo object that details the reason why it was rejected.

Example

JavaScript v2.9
const key = await Ably.Rest.Crypto.generateRandomKey(256); const channel = rest.channels.get('gem-gin-cab', { cipher: { key: key } });
Copied!

Channel options are used for setting channel parameters and configuring encryption.

ChannelOptions, a plain JavaScript object, may optionally be specified when instancing a Channel, and this may be used to specify channel-specific options. The following attributes can be defined on the object:

Properties

params
Optional parameters which specify behaviour of the channel.Type: JSON Object
cipher
Requests encryption for this channel when not null, and specifies encryption-related parameters (such as algorithm, chaining mode, key length and key). See an exampleType: CipherParams or an options object containing at a minimum a key

A CipherParams contains configuration options for a channel cipher, including algorithm, mode, key length and key. Ably client libraries currently support AES with CBC, PKCS#7 with a default key length of 256 bits. All implementations also support AES128.

Individual client libraries may support either instancing a CipherParams directly, using Crypto.getDefaultParams(), or generating one automatically when initializing a channel, as in this example.

Properties

key
A binary (ArrayBuffer or Uint8Array) or base64-encoded String containing the secret key used for encryption and decryption
algorithm
AES The name of the algorithm in the default system provider, or the lower-cased version of it; eg β€œaes” or β€œAESβ€œType: String
keyLength
256 The key length in bits of the cipher, either 128 or 256Type: Integer
mode
CBC The cipher modeType: String
Select...