Properties Summary |
Defined in: pki:ExportEncryptionKey |
scalar:Bool
|
clearEncryptionKey (pki:ExportEncryptionKey:clearEncryptionKey)
Setting this property to true will trigger the clearing of all fields in this mo,
set the strongEncryptionEnabled policy to False and keyConfigured to False. There is no
method to recover the previous passphrase before the clear operation.
|
string:Basic
|
cryptedPassphrase (pki:ExportEncryptionKey:cryptedPassphrase)
We never allow the passphrase to be returned via REST or
seen again but the *salted* hash can be returned via REST
to the user so that they can check if their passphrase is
the same as configured in the system.
|
pki:AES256Key
string:Password
|
encryptionKey (pki:ExportEncryptionKey:encryptionKey)
AES 256 Encryption Key
|
pki:AES256IV
string:Password
|
initializationVector (pki:ExportEncryptionKey:initializationVector)
AES 256 Encryption Initialization Vector
|
scalar:Bool
|
keyConfigured (pki:ExportEncryptionKey:keyConfigured)
Flag indicating if a passphrase/key is configured
|
pki:exportPassphraseType
string:Password
|
passphrase (pki:ExportEncryptionKey:passphrase)
The encryption parameters cannot be modified by a client request - only via a passphrase change
Setting this passphrase to blank/empty will trigger the clearing of all fields in this mo,
set the strongEncryptionEnabled policy to False and keyConfigured to False. There is no
method to recover the previous passphrase before the clear operation.
|
pki:passphraseKeyDerivationVersionType
scalar:Enum8
|
passphraseKeyDerivationVersion (pki:ExportEncryptionKey:passphraseKeyDerivationVersion)
Version of the algorithm used - used for forward compatibility
|
pki:exportEncryptionPolicyType
scalar:Bool
|
strongEncryptionEnabled (pki:ExportEncryptionKey:strongEncryptionEnabled)
Toggle to choose between weak and strong encryption - this flag can be set to True
only when keyConfigured=True
|
scalar:Date
|
timeGenerated (pki:ExportEncryptionKey:timeGenerated)
Ignore
|
Defined in: mo:Resolvable |
mo:Owner
scalar:Enum8
|
lcOwn (mo:Resolvable:lcOwn)
A value that indicates how this object was created. For internal use only.
|
Defined in: mo:Ownable |
scalar:Uint16
|
uid (mo:Ownable:uid)
A unique identifier for this object.
|
childAction
Type: mo:ModificationChildAction
Primitive Type: scalar:Bitmask32
Units: null
Encrypted: false
Access: implicit
Category: TopLevelChildAction
Comments:
-
Delete or ignore. For internal use only.
| |
Constants |
deleteAll |
16384u |
deleteAll |
NO COMMENTS
|
ignore |
4096u |
ignore |
NO COMMENTS
|
deleteNonPresent |
8192u |
deleteNonPresent |
NO COMMENTS
|
DEFAULT |
0 |
--- |
This type is used to
|
|
clearEncryptionKey
Type: scalar:Bool
Units: null
Encrypted: false
Access: admin
Category: TopLevelRegular
Property Validators:
Comments:
-
Setting this property to true will trigger the clearing of all fields in this mo,
set the strongEncryptionEnabled policy to False and keyConfigured to False. There is no
method to recover the previous passphrase before the clear operation.
| |
Constants |
no |
false |
--- |
NO COMMENTS
|
yes |
true |
--- |
NO COMMENTS
|
DEFAULT |
no(false) |
--- |
NO COMMENTS
|
|
cryptedPassphrase
Type: string:Basic
Units: null
Encrypted: false
Access: implicit
Category: TopLevelRegular
Comments:
-
We never allow the passphrase to be returned via REST or
seen again but the *salted* hash can be returned via REST
to the user so that they can check if their passphrase is
the same as configured in the system.
descr
Type: naming:Descr
Primitive Type: string:Basic
Like: naming:Described:descr
Units: null
Encrypted: false
Access: admin
Category: TopLevelRegular
Property Validators:
Range: min: "0" max: "128"
Allowed Chars:
Regex: [a-zA-Z0-9\\!#$%()*,-./:;@ _{|}~?&+]+
Comments:
-
Specifies a description of the policy definition.
dn
Type: reference:BinRef
Units: null
Encrypted: false
Access: implicit
Category: TopLevelDn
Comments:
-
A tag or metadata is a non-hierarchical keyword or term assigned to the fabric module.
encryptionKey
Type: pki:AES256Key
Primitive Type: string:Password
Units: null
Encrypted: true
Access: implicit
Category: TopLevelRegular
Comments:
-
AES 256 Encryption Key
initializationVector
Type: pki:AES256IV
Primitive Type: string:Password
Units: null
Encrypted: true
Access: implicit
Category: TopLevelRegular
Comments:
-
AES 256 Encryption Initialization Vector
keyConfigured
Type: scalar:Bool
Units: null
Encrypted: false
Access: implicit
Category: TopLevelRegular
Comments:
-
Flag indicating if a passphrase/key is configured
| |
Constants |
no |
false |
--- |
NO COMMENTS
|
yes |
true |
--- |
NO COMMENTS
|
DEFAULT |
no(false) |
--- |
NO COMMENTS
|
|
lcOwn
Type: mo:Owner
Primitive Type: scalar:Enum8
Units: null
Encrypted: false
Access: implicit
Category: TopLevelRegular
Comments:
-
A value that indicates how this object was created. For internal use only.
| |
Constants |
local |
0 |
Local |
NO COMMENTS
|
policy |
1 |
Policy |
NO COMMENTS
|
replica |
2 |
Replica |
NO COMMENTS
|
resolveOnBehalf |
3 |
ResolvedOnBehalf |
NO COMMENTS
|
implicit |
4 |
Implicit |
NO COMMENTS
|
DEFAULT |
local(0) |
Local |
NO COMMENTS
|
|
modTs
Type: mo:TStamp
Primitive Type: scalar:Date
Units: null
Encrypted: false
Access: implicit
Category: TopLevelRegular
Comments:
-
The time when this object was last modified.
| |
Constants |
never |
0ull |
never |
NO COMMENTS
|
DEFAULT |
never(0ull) |
never |
NO COMMENTS
|
|
name
Type: naming:Name
Primitive Type: string:Basic
Overrides:pol:Obj:name | naming:NamedObject:name
Units: null
Encrypted: false
Access: create
Category: TopLevelRegular
Property Validators:
Range: min: "0" max: "64"
Allowed Chars:
Regex: [a-zA-Z0-9_.:-]+
Comments:
-
nameAlias
Type: naming:NameAlias
Primitive Type: string:Basic
Units: null
Encrypted: false
Access: admin
Category: TopLevelRegular
Property Validators:
Range: min: "0" max: "63"
Allowed Chars:
Regex: [a-zA-Z0-9_.-]+
Comments:
-
NO COMMENTS
ownerKey
Type: naming:Descr
Primitive Type: string:Basic
Units: null
Encrypted: false
Access: admin
Category: TopLevelRegular
Property Validators:
Range: min: "0" max: "128"
Allowed Chars:
Regex: [a-zA-Z0-9\\!#$%()*,-./:;@ _{|}~?&+]+
Comments:
-
The key for enabling clients to own their data for entity correlation.
ownerTag
Type: naming:Descr
Primitive Type: string:Basic
Units: null
Encrypted: false
Access: admin
Category: TopLevelRegular
Property Validators:
Range: min: "0" max: "64"
Allowed Chars:
Regex: [a-zA-Z0-9\\!#$%()*,-./:;@ _{|}~?&+]+
Comments:
-
A tag for enabling clients to add their own data. For example, to indicate who created this object.
passphrase
Type: pki:exportPassphraseType
Primitive Type: string:Password
Units: null
Encrypted: true
Access: admin
Category: TopLevelRegular
Property Validators:
Range: min: "0" max: "32"
Comments:
-
The encryption parameters cannot be modified by a client request - only via a passphrase change
Setting this passphrase to blank/empty will trigger the clearing of all fields in this mo,
set the strongEncryptionEnabled policy to False and keyConfigured to False. There is no
method to recover the previous passphrase before the clear operation.
passphraseKeyDerivationVersion
Type: pki:passphraseKeyDerivationVersionType
Primitive Type: scalar:Enum8
Units: null
Encrypted: false
Access: admin
Category: TopLevelRegular
Property Validators:
Comments:
-
Version of the algorithm used - used for forward compatibility
| |
Constants |
v1 |
0 |
PBKDF2 Version 1 |
Only one value possible today, but will allow new enum definitions in the future
|
DEFAULT |
v1(0) |
PBKDF2 Version 1 |
Only one value possible today, but will allow new enum definitions in the future
|
|
rn
Type: reference:BinRN
Units: null
Encrypted: false
Access: implicit
Category: TopLevelRn
Comments:
-
Identifies an object from its siblings within the context of its parent object. The distinguished name contains a sequence of relative names.
status
Type: mo:ModificationStatus
Primitive Type: scalar:Bitmask32
Units: null
Encrypted: false
Access: implicit
Category: TopLevelStatus
Comments:
-
The upgrade status. This property is for internal use only.
| |
Constants |
created |
2u |
created |
In a setter method: specifies that an object should be created.
An error is returned if the object already exists.
In the return value of a setter method: indicates that an object has been created.
|
modified |
4u |
modified |
In a setter method: specifies that an object should be modified
In the return value of a setter method: indicates that an object has been modified.
|
deleted |
8u |
deleted |
In a setter method: specifies that an object should be deleted.
In the return value of a setter method: indicates that an object has been deleted.
|
DEFAULT |
0 |
--- |
This type controls the life cycle of objects passed in the XML API.
When used in a setter method (such as configConfMo), the ModificationStatus
specifies whether an object should be created, modified, deleted or removed.
In the return value of a setter method, the ModificationStatus indicates the actual
operation that was performed. For example, the ModificationStatus is set to "created"
if the object was created. The ModificationStatus is not set if the object was neither
created, modified, deleted or removed.
When invoking a setter method, the ModificationStatus is optional:
If a setter method such as configConfMo is invoked and the ModificationStatus
is not set, the system automatically determines if the object should be created or modified.
|
|
strongEncryptionEnabled
Type: pki:exportEncryptionPolicyType
Primitive Type: scalar:Bool
Units: null
Encrypted: false
Access: admin
Category: TopLevelRegular
Property Validators:
Comments:
-
Toggle to choose between weak and strong encryption - this flag can be set to True
only when keyConfigured=True
| |
Constants |
no |
false |
--- |
NO COMMENTS
|
yes |
true |
--- |
NO COMMENTS
|
DEFAULT |
no(false) |
--- |
NO COMMENTS
|
|
timeGenerated
Type: scalar:Date
Units: date
Encrypted: false
Access: implicit
Category: TopLevelRegular
Comments:
-
Ignore
uid
Type: scalar:Uint16
Units: null
Encrypted: false
Access: implicit
Category: TopLevelRegular
Comments:
-
A unique identifier for this object.