Viewing DSM Keys
Use the get /v1/cckm/dsm/keys API to view the list of DSM keys.
Syntax
curl -k '<IP>/api/v1/cckm/dsm/keys?skip=0&limit=10&sort=updatedAt' -H 'Authorization: Bearer AUTHTOKEN' --compressed
Request Parameters
| Parameter | Type | Description |
|---|---|---|
| AUTHTOKEN | string | Authorization token. |
Request Query Parameters
| Parameter | Type | Description |
|---|---|---|
| id | string | ID of the key. |
| uuid | string | UUID of the key. |
| name | string | Name of the key. |
| domain | string | Name of the DSM domain where the key resides. |
| domain_id | string | ID of the DSM domain where the key resides. |
| keyVersion | string | Version of the DSM key. |
| algorithm | string | Algorithm of the key. The algorithm can be: • RSA1024 (asymmetric) • RSA2048 (asymmetric) • RSA3072 (asymmetric) • RSA4096 (asymmetric) • AES256 (symmetric) • AES128 (symmetric) • ARIA128 (symmetric) • ARIA256 (symmetric) |
| state | string | State of the DSM key. |
| extractable | boolean | Whether the DSM key is extractable - true or false. |
| object_type | string | Type of the DSM key - symmetric or asymmetric. |
| registrationTokenEnabled | boolean | Whether registration tokens are enabled on the domain - true or false. |
| skip | integer | Number of records to skip. For example, if "skip":5 is specified, the first five records will not be displayed in the output. |
| limit | integer | Numbers of records to display. For example, if "limit":10 is specified, then the next 10 records (after skipping the number of records specified in the skip parameter) will be displayed in the output. |
| sort | string | Comma-delimited list of properties to sort the results. |
Example Request
curl -k 'https://127.0.0.1/api/v1/cckm/dsm/keys?skip=0&limit=10&sort=updatedAt' -H 'Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiI0MmFmZDExNy02YzllLTRhNGUtOTAwYS1lYjlhNDNjYWE5ZDIiLCJzdWIiOiJsb2NhbHwzMTI5ODdkMS0wOWNiLTQxZTEtOThmNy1jZjRhNzgwNTZiMTMiLCJpc3MiOiJreWxvIiwiYWNjIjoia3lsbyIsInByZWZlcnJlZF91c2VybmFtZSI6ImFkbWluIiwiY3VzdCI6eyJkb21haW5faWQiOiIwMDAwMDAwMC0wMDAwLTAwMDAtMDAwMC0wMDAwMDAwMDAwMDAiLCJncm91cHMiOlsiYWRtaW4iXSwic2lkIjoiNDVmOWE3NWUtMzI1NC00NWJkLWE0NzYtOWU2NWUyNjdmNGVkIiwiem9uZV9pZCI6IjAwMDAwMDAwLTAwMDAtMDAwMC0wMDAwLTAwMDAwMDAwMDAwMCJ9LCJqd3RpZCI6ImU5ZDA4Mzc3LWUxNGEtNGY1Mi04MGJlLWU2ODQyNzcyNmViZSIsImlhdCI6MTYxNDc0OTg4OSwiZXhwIjoxNjE0NzUwMTg5fQ.P4njjTNAGdkIw4ZNz7ijS9Dwrow2DE-vG8bn0dKIr04' --compressed
Example Response
{
"skip": 0,
"limit": 2,
"total": 1,
"resources": [
{
"id": "d3296d8a-22bf-4b9c-8ff7-a41104b4631e",
"uri": "kylo:kylo:cckm:dsm-key:d3296d8a-22bf-4b9c-8ff7-a41104b4631e",
"account": "kylo:kylo:admin:accounts:kylo",
"application": "ncryptify:gemalto:admin:apps:kylo",
"devAccount": "ncryptify:gemalto:admin:accounts:gemalto",
"createdAt": "2021-03-03T05:38:55.793895Z",
"updatedAt": "2021-03-03T05:38:55.790724Z",
"dsm_params": {
"name": "test-key",
"algorithm": "AES256",
"encryptionMode": "CBC",
"keyUsageType": "STORED_ON_SERVER",
"id": 312745,
"url": "/v1/domains/2153/keys/symmetric/312745",
"uuid": "b4946274-1389-31e5-86f9-ec48c0581a39",
"state": "ACTIVE",
"creationTime": "2021-03-03T13:07:58.243Z",
"source": "From DSM",
"domainId": 2153,
"keyVersion": 0,
"keyHash": "7b5e25713d79dc52d7df82c5106e6dd8b6a4270e52a568d141cc93923367d95246398601169016640e565be058d6b5bf",
"numberOfPolicies": 0,
"alignUnit": "",
"alignedCachedTime": 0,
"publicKey": "",
"publicKeyFormat": "",
"alignedKeyVersionLifeSpan": 0
},
"domain_id": "89c49e63-b5c9-46be-9371-0d8b0649e289",
"domain": "test-domain",
"object_type": "symmetric",
"attributes": {
"Cryptographic Usage Mask": "127",
"EXT_KID": "1796125542",
"MUID": "b4946274-1389-31e5-86f9-ec48c0581a39c04e690b-777e-303c-b66e-2f0a99229774",
"UUID": "b4946274-1389-31e5-86f9-ec48c0581a39",
"x-key-state": "ACTIVE",
"x-key-state-actions": "PROTECT_AND_PROCESS"
},
"extractable": true,
"versioned": false
},
]
}
The output shows the list of DSM keys available on the CipherTrust Manager.
Response Codes
| Response Code | Description |
|---|---|
| 2xx | Success |
| 4xx | Client errors |
| 5xx | Server errors |
Refer to HTTP status codes for details.
