Difference between revisions of "Key REST API"

From Dogtag
Jump to: navigation, search
m (Retrieving a Key)
m (Retrieving Key with AES KeyWrap/Padding)
Line 56: Line 56:
 
             {
 
             {
 
                 "name": "transWrappedSessionKey",
 
                 "name": "transWrappedSessionKey",
                 "value": "feKvfVpaCcWi2l30h471kErKb5TWdGyVFy3OxvXUjSG1dPWeFJK6ZSDuMT1Vk808XrAoY3lhjSFigNZ1BnO7bq8KauIx3JRQIkp5jd+0YKtR/RVq/xxyRVBeLzgPGl410jL0tLsf/1rue2Hgj4oWZf2eOHZSTGoW74nELcmIQmDZDgCUxEGf6mnKohhAWMk0E1B1uvGfEuE/uA5s4stwDpU0Jw7SHp/Km4CGWP406lJYsYs/eFn+QjVfiZtfqkro1wHJHjB3xY6AAd+RywcMy+HVIsXE9kvl2V2wwmOPMMIGoDQVpqdk1ldh5oCwiiSjO/smavPnwFGatts4Jeg1qA=="
+
                 "value": <base64-encoded data>
 
             },
 
             },
 
             {
 
             {

Revision as of 17:03, 11 October 2019

Retrieving a Key

Retrieving Key With DES3/CBC/Pad

Request:

{
    "Attributes": {
        "Attribute": [
            {
                "name": "keyId",
                "value": "22"
            },
            {
                "name": "transWrappedSessionKey",
                "value": <base64-encoded data>
            },
            {
                "name": "payloadEncryptionOID",
                "value": "{1 2 840 113549 3 7}"
            },
            {
                "name": "payloadWrappingName",
                "value": "DES3/CBC/Pad"
            }
        ]
    },
    "ClassName": "com.netscape.certsrv.key.KeyRecoveryRequest"
}

Response:

{
    "wrappedPrivateData": <base64-encoded data>,
    "nonceData": <base64-encoded data>,
    "encryptAlgorithmOID": "DESede/CBC/PKCS5Padding/168",
    "type": "passPhrase"
}

Retrieving Key with AES KeyWrap/Padding

Request:

{
    "Attributes": {
        "Attribute": [
            {
                "name": "keyId",
                "value": "3"
            },
            {
                "name": "transWrappedSessionKey",
                "value": <base64-encoded data>
            },
            {
                "name": "payloadEncryptionOID",
                "value": "{2 16 840 1 101 3 4 1 2}"
            },
            {
                "name": "payloadWrappingName",
                "value": "AES KeyWrap/Padding"
            }
        ]
    },
    "ClassName": "com.netscape.certsrv.key.KeyRecoveryRequest"
}

Response:

{
    "wrappedPrivateData": <base64-encoded data>,
    "nonceData": <base64-encoded data>,
    "encryptAlgorithmOID": "AES/CBC/PKCS5Padding/128",
    "type": "passPhrase"
}

See Also

  • [{Key Management]]