Your suggested change has been received. Thank you.

close

Suggest A Change

https://thales.na.market.dpondemand.io/docs/dpod/services/kmo….

Thales Logo
back

DSM Key APIs

Viewing DSM Keys

search

Please Note:

Viewing DSM Keys

Use the get /v1/cckm/dsm/keys API to view the list of DSM keys.

Syntax

curl -k '<IP>/api/v1/cckm/dsm/keys?skip=0&limit=10&sort=updatedAt' -H 'Authorization: Bearer AUTHTOKEN' --compressed

Request Parameters

ParameterTypeDescription
AUTHTOKENstringAuthorization token.

Request Query Parameters

ParameterTypeDescription
idstringID of the key.
uuidstringUUID of the key.
namestringName of the key.
domainstringName of the DSM domain where the key resides.
domain_idstringID of the DSM domain where the key resides.
keyVersionstringVersion of the DSM key.
algorithmstringAlgorithm of the key. The algorithm can be:
• RSA1024 (asymmetric)
• RSA2048 (asymmetric)
• RSA3072 (asymmetric)
• RSA4096 (asymmetric)
• AES256 (symmetric)
• AES128 (symmetric)
• ARIA128 (symmetric)
• ARIA256 (symmetric)
statestringState of the DSM key.
extractablebooleanWhether the DSM key is extractable - true or false.
object_typestringType of the DSM key - symmetric or asymmetric.
registrationTokenEnabledbooleanWhether registration tokens are enabled on the domain - true or false.
skipintegerNumber of records to skip. For example, if "skip":5 is specified, the first five records will not be displayed in the output.
limitintegerNumbers of records to display. For example, if "limit":10 is specified, then the next 10 records (after skipping the number of records specified in the skip parameter) will be displayed in the output.
sortstringComma-delimited list of properties to sort the results.

Example Request

curl -k 'https://127.0.0.1/api/v1/cckm/dsm/keys?skip=0&limit=10&sort=updatedAt' -H 'Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiI0MmFmZDExNy02YzllLTRhNGUtOTAwYS1lYjlhNDNjYWE5ZDIiLCJzdWIiOiJsb2NhbHwzMTI5ODdkMS0wOWNiLTQxZTEtOThmNy1jZjRhNzgwNTZiMTMiLCJpc3MiOiJreWxvIiwiYWNjIjoia3lsbyIsInByZWZlcnJlZF91c2VybmFtZSI6ImFkbWluIiwiY3VzdCI6eyJkb21haW5faWQiOiIwMDAwMDAwMC0wMDAwLTAwMDAtMDAwMC0wMDAwMDAwMDAwMDAiLCJncm91cHMiOlsiYWRtaW4iXSwic2lkIjoiNDVmOWE3NWUtMzI1NC00NWJkLWE0NzYtOWU2NWUyNjdmNGVkIiwiem9uZV9pZCI6IjAwMDAwMDAwLTAwMDAtMDAwMC0wMDAwLTAwMDAwMDAwMDAwMCJ9LCJqd3RpZCI6ImU5ZDA4Mzc3LWUxNGEtNGY1Mi04MGJlLWU2ODQyNzcyNmViZSIsImlhdCI6MTYxNDc0OTg4OSwiZXhwIjoxNjE0NzUwMTg5fQ.P4njjTNAGdkIw4ZNz7ijS9Dwrow2DE-vG8bn0dKIr04' --compressed

Example Response

{
    "skip": 0,
    "limit": 2,
    "total": 1,
    "resources": [
        {
            "id": "d3296d8a-22bf-4b9c-8ff7-a41104b4631e",
            "uri": "kylo:kylo:cckm:dsm-key:d3296d8a-22bf-4b9c-8ff7-a41104b4631e",
            "account": "kylo:kylo:admin:accounts:kylo",
            "application": "ncryptify:gemalto:admin:apps:kylo",
            "devAccount": "ncryptify:gemalto:admin:accounts:gemalto",
            "createdAt": "2021-03-03T05:38:55.793895Z",
            "updatedAt": "2021-03-03T05:38:55.790724Z",
            "dsm_params": {
                "name": "test-key",
                "algorithm": "AES256",
                "encryptionMode": "CBC",
                "keyUsageType": "STORED_ON_SERVER",
                "id": 312745,
                "url": "/v1/domains/2153/keys/symmetric/312745",
                "uuid": "b4946274-1389-31e5-86f9-ec48c0581a39",
                "state": "ACTIVE",
                "creationTime": "2021-03-03T13:07:58.243Z",
                "source": "From DSM",
                "domainId": 2153,
                "keyVersion": 0,
                "keyHash": "7b5e25713d79dc52d7df82c5106e6dd8b6a4270e52a568d141cc93923367d95246398601169016640e565be058d6b5bf",
                "numberOfPolicies": 0,
                "alignUnit": "",
                "alignedCachedTime": 0,
                "publicKey": "",
                "publicKeyFormat": "",
                "alignedKeyVersionLifeSpan": 0
            },
            "domain_id": "89c49e63-b5c9-46be-9371-0d8b0649e289",
            "domain": "test-domain",
            "object_type": "symmetric",
            "attributes": {
                "Cryptographic Usage Mask": "127",
                "EXT_KID": "1796125542",
                "MUID": "b4946274-1389-31e5-86f9-ec48c0581a39c04e690b-777e-303c-b66e-2f0a99229774",
                "UUID": "b4946274-1389-31e5-86f9-ec48c0581a39",
                "x-key-state": "ACTIVE",
                "x-key-state-actions": "PROTECT_AND_PROCESS"
            },
            "extractable": true,
            "versioned": false
        },
    ]
}

The output shows the list of DSM keys available on the CipherTrust Manager.

Response Codes

Response CodeDescription
2xxSuccess
4xxClient errors
5xxServer errors

Refer to HTTP status codes for details.