Chapter 1: Secret Data
This group includes the following commands:
- Delete Secret Data
- Get Secret Data Address
- Get Secret Data Deletable Flag
- Get Secret Data Invalid Date
- Get Secret Data Mirror Flag
- Get Secret Data Size
- Get Secret Data Type
- Get Secret Data Valid Date
- Import Secret Data
- List Secret Data
- Remove Secret Data Group
- Remove Secret Data User
- Set Secret Data Access
- Set Secret Data Deletable Flag
- Set Secret Data Group
- Set Secret Data Invalid Date
- Set Secret Data Mirror Flag
- Set Secret Data User
- Set Secret Data Valid Date
See the sections below for more information.
Delete Secret Data
This command can be used to permanently delete a selected secret data entry stored on Alliance Key Manager.
Secret Data Name: Specify the name of the secret data entry you wish to delete.
Secret Data ID: You can alternatively specify the 24 character ID associated with the secret data entry you wish to delete.
When you click Submit, the information is sent to the AKM server and the application responds with the result of your request:
------------------------------------------
Command: Delete Secret Data
------------------------------------------
Server: SUPPORT AKM 1 (10.0.0.177 port 6001)
Transaction Length: 00008
Transaction Id: 1282
Return Code: 0
Command completed successfully.
Command Output:
No additional command output
---------------------------------------
End Delete Secret Data Command
---------------------------------------
A Return Code of “0” signifies that the key synchronization was successful.
Get Secret Data Access Flag
Secret Data can be restricted to ‘Users’ and ‘Groups’. You can use this command to display the user and group access flag for a specified secret data entry.
Secret Data Name: The name of the secret data entry you wish to inspect.
Secret Data ID: The 24 character ID number associated with the secret data entry
When you click Submit, the information is sent to the AKM server and the application responds with the result of your request:
------------------------------------------
Command: Get Secret Data Access Flag
------------------------------------------
Server: SUPPORT AKM 1 (10.0.0.177 port 6001)
Transaction Length: 00009
Transaction Id: 1294
Return Code: 0
Command completed successfully.
Command Output:
Secret Data Access Flag: 1
---------------------------------------
End Get Secret Data Access Flag Command
---------------------------------------
The output echoes the Secret Data Access Flag
Get Secret Data Deletable Flag
Use this command to display the user and group access flag for a specified secret data entry.
Secret Data Name: The name of the secret data entry you wish to confirm the deletable flag for.
Secret Data ID: The 24 character ID number associated with a secret data entry
When you click Submit, the information is sent to the AKM server and the application responds with the result of your request:
------------------------------------------
Command: Get Secret Data Deletable Flag
------------------------------------------
Server: SUPPORT AKM 1 (10.0.0.177 port 6001)
Transaction Length: 00009
Transaction Id: 1296
Return Code: 0
Command completed successfully.
Command Output:
Secret Data Deletable Flag: Y
---------------------------------------
End Get Secret Data Deletable Flag Command
---------------------------------------
The output returns the Secret Data Deletable Flag: Y indicates that the secret data can be deleted, N indicates that it cannot.
Get Secret Data Invalid Date
Use this command to verify the date that a specific secret data entry will become invalid.
Secret Data Name: The name of the secret data entry you wish to confirm the expiration date for.
Secret Data ID: The 24 character ID number associated with a secret data entry.
When you click Submit, the information is sent to the AKM server and the application responds with the result of your request:
------------------------------------------
Command: Get Secret Data Invalid Date
------------------------------------------
Server: SUPPORT AKM 1 (10.0.0.177 port 6001)
Transaction Length: 00016
Transaction Id: 1290
Return Code: 0
Command completed successfully.
Command Output:
Secret Data Invalid Date: 20210318
---------------------------------------
End Get Secret Data Invalid Date Command
---------------------------------------
If Return Code is “0” then the command completed successfully and displays the Secret Data Invalid Date, as in the output above.
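An added example (not part of the AKM documentation or product): a small parser for the response layout shown on this page, used to check the Return Code and flag an entry whose invalid date has passed or is near. The YYYYMMDD reading of the date, the treatment of 00000000 as "no date set", and the function names are assumptions.

```python
from datetime import date

# Constructed sample: the response block shown above for this command.
SAMPLE = """\
------------------------------------------
Command: Get Secret Data Invalid Date
------------------------------------------
Server: SUPPORT AKM 1 (10.0.0.177 port 6001)
Transaction Length: 00016
Transaction Id: 1290
Return Code: 0
Command completed successfully.
Command Output:
Secret Data Invalid Date: 20210318
---------------------------------------
End Get Secret Data Invalid Date Command
---------------------------------------
"""


def parse_response(text):
    """Split one console response into (header fields, command output fields)."""
    header, output, in_output = {}, {}, False
    for line in text.splitlines():
        line = line.strip()
        if not line or set(line) == {"-"} or line.startswith("End "):
            continue  # separators and the trailer carry no fields
        if line == "Command Output:":
            in_output = True
            continue
        key, sep, value = line.partition(":")
        if sep:  # lines without a colon are free-text status messages
            (output if in_output else header)[key.strip()] = value.strip()
    return header, output


def invalid_date_status(text, today, warn_days=30):
    """Return 'not-set', 'invalid', 'expiring' or 'ok' for one response."""
    header, output = parse_response(text)
    if header.get("Return Code") != "0":
        raise ValueError(f"command failed: Return Code {header.get('Return Code')!r}")
    raw = output["Secret Data Invalid Date"]
    if raw == "00000000":  # assumption: all zeros means no date is set
        return "not-set"
    # Assumption: YYYYMMDD; a malformed date raises ValueError here.
    expires = date(int(raw[:4]), int(raw[4:6]), int(raw[6:8]))
    days_left = (expires - today).days
    if days_left <= 0:  # the entry becomes invalid on the date itself
        return "invalid"
    return "expiring" if days_left <= warn_days else "ok"
```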
Get Secret Data Mirror Flag
Use this command to confirm whether a secret data entry is set to mirror.
Secret Data Name: The name of the secret data entry you wish to inspect.
Secret Data ID: The 24 character ID associated with the secret data entry you wish to check the mirror flag for.
When you click Submit, the information is sent to the AKM server and the application responds with the result of your request:
------------------------------------------
Command: Get Secret Data Mirror Flag
------------------------------------------
Server: SUPPORT AKM 1 (10.0.0.177 port 6001)
Transaction Length: 00009
Transaction Id: 1298
Return Code: 0
Command completed successfully.
Command Output:
Secret Data Mirror Flag: Y
---------------------------------------
End Get Secret Data Mirror Flag Command
---------------------------------------
The returned Queue Size specifies how many transactions remain to be sent to the mirror. In the above example no transactions remain (Queue Size is “0000000000”), i.e. all transactions have been sent to the mirror.
Get Secret Data Size
Use this command to display the size of a given secret data entry.
Secret Data Name: The name of the secret data entry you wish to inspect.
Secret Data ID: The 24 character ID associated with the secret data entry.
When you click Submit, the information is sent to the AKM server and the application responds with the result of your request:
------------------------------------------
Command: Get Secret Data Size
------------------------------------------
Server: SUPPORT AKM 1 (10.0.0.177 port 6001)
Transaction Length: 00015
Transaction Id: 1286
Return Code: 0
Command completed successfully.
Command Output:
Secret Data Size: 0000015
---------------------------------------
End Get Secret Data Size Command
---------------------------------------
The output lists the file size.
Get Secret Data Type
Use this command to view the type that has been specified for a secret data entry.
Secret Data Name: The name of the secret data entry you wish to check the type of.
Secret Data ID: The ID associated with the specified secret data entry.
When you click Submit, the information is sent to the AKM server and the application responds with the result of your request:
------------------------------------------
Command: Get Secret Data Type
------------------------------------------
Server: SUPPORT AKM 1 (10.0.0.177 port 6001)
Transaction Length: 00016
Transaction Id: 1284
Return Code: 0
Command completed successfully.
Command Output:
Secret Data Type: CERT
---------------------------------------
End Get Secret Data Type Command
---------------------------------------
If Return Code is “0” then the command was successful
Get Secret Data Valid Date
Use this command to create and activate a new mirror server.
Secret Data Name: The name of the secret data entry you wish to inspect.
Secret Data ID: The ID associated with the secret data entry.
When you click Submit, the information is sent to the AKM server and the application responds with the result of your request:
------------------------------------------
Command: Get Secret Data Valid Date
------------------------------------------
Server: SUPPORT AKM 1 (10.0.0.177 port 6001)
Transaction Length: 00016
Transaction Id: 1288
Return Code: 0
Command completed successfully.
Command Output:
Secret Data Valid Date: 00000000
---------------------------------------
End Get Secret Data Valid Date Command
---------------------------------------
No output values are echoed as part of the command response, but if Return Code is “0” the mirror address has been successfully added and activated on the AKM server.
Import Secret Data
This command allows you to specify files or text to be stored as secret data. You will be able to transmit up to 1 MB of secret data using this command. Note that when you use Base64 or Hex encoding, the actual size of the secret data will be less than the size transmitted.
Secret Data Name: The name you would like the secret data to be listed as in the AKM.
Secret Data Type: The type of secret data you will be importing (this does not affect the file at all; it is for your own reference).
You will be able to set the valid date as well as the invalid date. Secret data past its valid date will no longer be retrievable (you will be able to alter the date later from the admin console). You will always be able to change this date later, using the ‘Set Secret Data Valid Date’ and ‘Set Secret Data Invalid Date’ commands.
Secret Data Format allows you to specify the format you would like the secret data imported as. The available options are as follows:
- RSA
- BIN
- B16
- B64
Choose File allows you to specify a file to store on AKM as secret data. Keep in mind that the file size limit for imports is 1 MB.
When you click Submit, the information is sent to the AKM server and the application responds with the result of your request:
------------------------------------------
Command: Import Secret Data
------------------------------------------
Server: SUPPORT AKM 1 (10.0.0.177 port 6001)
Transaction Length: 00008
Transaction Id: 1304
Return Code: 0
Command completed successfully.
Command Output:
No additional command output
---------------------------------------
End Import Secret Data Command
---------------------------------------
The output echoes the Secret Data ID of the file imported. A return code of “0” signifies that the command completed successfully.
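An added example (not part of the AKM documentation or product): a pre-import check for the size note above, which confirms that a payload decodes cleanly under its declared format and shows how much of the 1 MB transmit limit is left for the secret itself. Assumptions: 1 MB is read as 1,048,576 bytes, B16 is hexadecimal, B64 is standard Base64, and the RSA format is not modelled because the page does not describe it.

```python
import base64
import binascii

LIMIT = 1024 * 1024  # assumption: "1 MB" taken as 1,048,576 transmitted bytes


def max_raw_size(fmt, limit=LIMIT):
    """Largest secret (decoded bytes) whose encoded form fits in `limit`."""
    if fmt == "BIN":
        return limit
    if fmt == "B16":
        return limit // 2        # two hex characters per byte
    if fmt == "B64":
        return (limit // 4) * 3  # four Base64 characters per three bytes
    raise ValueError(f"format {fmt!r} is not modelled here")


def check_import(payload, fmt, limit=LIMIT):
    """Check `payload` (the bytes that would be transmitted) against its
    declared format; return (transmitted_size, secret_size, fits_limit).
    Raises binascii.Error (a ValueError) if the payload does not decode."""
    # Line breaks are ignored when decoding but still count as transmitted.
    body = b"".join(payload.split())
    if fmt == "BIN":
        secret = payload
    elif fmt == "B16":
        secret = binascii.unhexlify(body)
    elif fmt == "B64":
        secret = base64.b64decode(body, validate=True)
    else:
        raise ValueError(f"format {fmt!r} is not modelled here")
    return len(payload), len(secret), len(payload) <= limit
```

A file that still carries PEM header lines fails the B64 check, which is a useful signal that the declared format and the file contents disagree before anything is sent.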
List Secret Data
Use this command to list all secret data stored on the AKM you are connected to.
When you click Submit, the information is sent to the AKM server and the application responds with the result of your request:
Muoitest (10.0.0.177 port 6001)
------------------------------------------
Command: List Secret Data
------------------------------------------
Server: SUPPORT AKM1 (10.0.0.177 port 6001)
Transaction Length: 00015
Transaction Id: 1300
Return Code: 0
Command completed successfully.
Command Output:
Secret Data Name List: 2
Bailey (zgTZdJUH0H3ZRVMkAfZQDQ==)
Cat (IG5Jmhtg0P7BbaKNGCPuIw==)
---------------------------------------
End List Secret Data Command
---------------------------------------
If Return Code is “0” then the command was successful
Remove Secret Data Group
Use this command to remove a specified group’s access to a selected secret data entry.
Secret Data Name: The name of the secret data entry you wish to remove a group’s access to.
Group Name: The name of the group you wish to revoke access from.
When you click Submit, the information is sent to the AKM server and the application responds with the result of your request:
------------------------------------------
Command: Remove Secret Data Group
------------------------------------------
Server: SUPPORT AKM 1 (10.0.0.177 port 6001)
Transaction Length: 00008
Transaction Id: 1304
Return Code: 0
Command completed successfully.
Command Output:
No additional command output
---------------------------------------
End Remove Secret Data Group Command
---------------------------------------
If Return Code is “0” then the command was successful
Remove Secret Data User
Use this command to remove a user’s access to a specified secret data entry.
Secret Data Name: The name of the secret data entry you wish to remove a user from.
User Name: The name of the user to remove from the access list.
When you click Submit, the information is sent to the AKM server and the application responds with the result of your request:
------------------------------------------
Command: Remove Secret Data User
------------------------------------------
Server: SUPPORT AKM 1 (10.0.0.177 port 6001)
Transaction Length: 00008
Transaction Id: 1266
Return Code: 0
Command completed successfully.
Command Output:
No additional command output
---------------------------------------
End Set Secret Data User Command
---------------------------------------
If Return Code is “0” then the command was successful
Set Secret Data Access
Use this command to remove a specified group from access to a selected secret data entry. You can select User/Group, to turn on user and group access controls, or select Anyone, to allow open access to the secret data specified.
Secret Data Name: The name of the secret data entry you wish to set access for.
Secret Data ID: The 24 character ID associated with the specified secret data entry.
- Anyone
- User/Group
When you click Submit, the information is sent to the AKM server and the application responds with the result of your request:
------------------------------------------
Command: Set Secret Data Access
------------------------------------------
Server: SUPPORT AKM 1 (10.0.0.177 port 6001)
Transaction Length: 00008
Transaction Id: 1264
Return Code: 0
Command completed successfully.
Command Output:
No additional command output
---------------------------------------
End Set Secret Data Access Command
---------------------------------------
If Return Code is “0” then the command was successful
Set Secret Data Deletable Flag
Use this command to change the deletable flag that has been set for a specified secret data entry. The options are ‘yes’ for deletable and ‘no’ for non-deletable.
Secret Data Name: The name of the secret data entry you wish to set the deletable flag for.
Secret Data ID: The 24 character ID associated with the specified secret data entry.
- Yes
- No
When you click Submit, the information is sent to the AKM server and the application responds with the result of your request:
------------------------------------------
Command: Set Secret Data Deletable Flag
------------------------------------------
Server: SUPPORT AKM 1 (10.0.0.177 port 6001)
Transaction Length: 00008
Transaction Id: 1272
Return Code: 0
Command completed successfully.
Command Output:
No additional command output
---------------------------------------
End Set Secret Data Deletable Flag Command
---------------------------------------
If Return Code is “0” then the command was successful
Set Secret Data Group
Use this command to set the group that will have access to a specified secret data entry.
Secret Data Name: The name of the secret data entry you wish to set the group for.
Group Name: The name of the group you wish to allow access for.
When you click Submit, the information is sent to the AKM server and the application responds with the result of your request:
------------------------------------------
Command: Set Secret Data Group
------------------------------------------
Server: SUPPORT AKM 1 (10.0.0.177 port 6001)
Transaction Length: 00008
Transaction Id: 1268
Return Code: 0
Command completed successfully.
Command Output:
No additional command output
---------------------------------------
End Set Secret Data Group Command
---------------------------------------
If Return Code is “0” then the command was successful
Set Secret Data Invalid Date
Use this command to set the date on which a specified secret data entry will become invalid.
Secret Data Name: The name of the secret data entry you wish to set the invalid date for.
Secret Data ID: The 24 character ID associated with the specified secret data entry.
Invalid Date: Select a date.
When you click Submit, the information is sent to the AKM server and the application responds with the result of your request:
------------------------------------------
Command:
------------------------------------------
If Return Code is “0” then the command was successful
Set Secret Data Mirror Flag
Use this command to determine if a specific piece of secret data will mirror or not.
Secret Data Name: The name of the secret data entry you wish to set the mirror flag on.
Secret Data ID: The 24 character ID associated with the specified secret data entry.
Mirror Secret Data: Select Yes to allow secret data to mirror, or No to prevent mirroring.
When you click Submit, the information is sent to the AKM server and the application responds with the result of your request:
------------------------------------------
Command: Set Secret Data Mirror Flag
------------------------------------------
Server: SUPPORT AKM 1 (10.0.0.177 port 6001)
Transaction Length: 00008
Transaction Id: 1270
Return Code: 0
Command completed successfully.
Command Output:
No additional command output
---------------------------------------
End Set Secret Data Mirror Flag Command
---------------------------------------
If Return Code is “0” then the command was successful
Set Secret Data User
Use this command to assign a user to a specific piece of secret data.
Secret Data Name: The name of the secret data entry you wish to assign the user to.
User Name: Enter the user you wish to assign the secret data entry to.
When you click Submit, the information is sent to the AKM server and the application responds with the result of your request:
------------------------------------------
Command: Set Secret Data User
------------------------------------------
Server: SUPPORT AKM 1 (10.0.0.177 port 6001)
Transaction Length: 00008
Transaction Id: 1266
Return Code: 0
Command completed successfully.
Command Output:
No additional command output
---------------------------------------
End Set Secret Data User Command
---------------------------------------
If Return Code is “0” then the command was successful
Set Secret Data Valid Date
Use this command to set the date on which a specified secret data entry will become valid.
Secret Data Name: The name of the secret data entry you wish to set the valid date for.
Secret Data ID: The ID associated with the specified secret data entry.
Invalid Date: Select a date.
When you click Submit, the information is sent to the AKM server and the application responds with the result of your request:
------------------------------------------
Command:
------------------------------------------
If Return Code is “0” then the command was successful