Chapter 1: Secret Data

This group includes the following commands:

  • Delete Secret Data

  • Get Secret Data Access Flag

  • Get Secret Data Deletable Flag

  • Get Secret Data Invalid Date

  • Get Secret Data Mirror Flag

  • Get Secret Data Size

  • Get Secret Data Type

  • Get Secret Data Valid Date

  • Import Secret Data

  • List Secret Data

  • Remove Secret Data Group

  • Remove Secret Data User

  • Set Secret Data Access

  • Set Secret Data Deletable Flag

  • Set Secret Data Group

  • Set Secret Data Invalid Date

  • Set Secret Data Mirror Flag

  • Set Secret Data User

  • Set Secret Data Valid Date

See the sections below for more information.

 

Delete Secret Data

This command can be used to permanently delete a selected secret data entry stored on Alliance Key Manager.

Secret Data Name: Specify the name of the secret data entry you wish to delete.

Secret Data ID: You can alternatively specify the 24 character ID associated with the secret data entry you wish to delete.

When you click Submit, the information is sent to the AKM server and the application responds with the result of your request:


------------------------------------------
Command: Delete Secret Data
------------------------------------------
Server: SUPPORT AKM 1 (10.0.0.177 port 6001)
 Transaction Length: 00008
 Transaction Id: 1282
 Return Code: 0
 Command completed successfully.
Command Output: 
 No additional command output
---------------------------------------
End Delete Secret Data Command
---------------------------------------


A Return Code of “0” signifies that the command completed successfully.
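
The response blocks in this chapter all share one layout, so saved console output can be checked mechanically instead of by eye. The following Python is an added example, not part of Alliance Key Manager or its documentation: parse_responses and unconfirmed are hypothetical helper names, the first sample block is copied from this chapter, and the other two are constructed (the non-zero code 7 is a placeholder with no documented meaning).

```python
# Added example: helper names are hypothetical; blocks 2 and 3 of SAMPLE are constructed.
SAMPLE = """\
------------------------------------------
Command: Get Secret Data Deletable Flag
------------------------------------------
Server: SUPPORT AKM 1 (10.0.0.177 port 6001)
 Transaction Length: 00009
 Transaction Id: 1296
 Return Code: 0
 Command completed successfully.
Command Output:
 Secret Data Deletable Flag: Y
---------------------------------------
End Get Secret Data Deletable Flag Command
---------------------------------------
------------------------------------------
Command: Delete Secret Data
------------------------------------------
 Return Code: 7
---------------------------------------
End Delete Secret Data Command
---------------------------------------
------------------------------------------
Command:
------------------------------------------
"""

def parse_responses(text):
    """Return one dict per 'Command:' block in saved console output."""
    results, cur, in_output = [], None, False
    for raw in text.splitlines():
        line = raw.strip()
        if line.startswith("Command:"):
            cur = {"command": line[8:].strip(), "return_code": None, "output": {}}
            results.append(cur)
            in_output = False
        elif cur is None or not line or set(line) == {"-"}:
            continue  # outside a block, blank line, or separator rule
        elif line.startswith("End "):
            cur = None  # trailer line closes the block
        elif line.startswith("Command Output:"):
            in_output = True
        elif ":" in line:
            key, value = (p.strip() for p in line.split(":", 1))
            if in_output:
                cur["output"][key] = value
            elif key == "Return Code" and value.isdigit():
                cur["return_code"] = int(value)
            elif key == "Transaction Id":
                cur["transaction_id"] = value
    return results

def unconfirmed(results):
    """Blocks with a missing or non-zero return code: do not assume success."""
    return [r for r in results if r["return_code"] != 0]
```

A block that carries no Return Code line at all is reported by unconfirmed() alongside non-zero codes, so a truncated response is never counted as a completed change.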

Get Secret Data Access Flag

Secret Data can be restricted to ‘Users’ and ‘Groups’. You can use this command to display the user and group access flag for a specified secret data entry.

Secret Data Name: The name of the secret data entry you wish to inspect.

Secret Data ID: The 24 character ID number associated with the secret data entry.

When you click Submit, the information is sent to the AKM server and the application responds with the result of your request:


------------------------------------------
Command: Get Secret Data Access Flag
------------------------------------------
Server: SUPPORT AKM 1 (10.0.0.177 port 6001)
 Transaction Length: 00009
 Transaction Id: 1294
 Return Code: 0
 Command completed successfully.
Command Output: 
 Secret Data Access Flag: 1
---------------------------------------
End Get Secret Data Access Flag Command
---------------------------------------

The output echoes the Secret Data Access Flag.

Get Secret Data Deletable Flag

Use this command to display the deletable flag for a specified secret data entry.

Secret Data Name: The name of the secret data entry you wish to confirm the deletable flag for.

Secret Data ID: The 24 character ID number associated with a secret data entry.

When you click Submit, the information is sent to the AKM server and the application responds with the result of your request:


------------------------------------------
Command: Get Secret Data Deletable Flag
------------------------------------------
Server: SUPPORT AKM 1 (10.0.0.177 port 6001)
 Transaction Length: 00009
 Transaction Id: 1296
 Return Code: 0
 Command completed successfully.
Command Output: 
 Secret Data Deletable Flag: Y
---------------------------------------
End Get Secret Data Deletable Flag Command
---------------------------------------

The output returns the Secret Data Deletable Flag: Y indicates the secret data can be deleted, N indicates it cannot.

Get Secret Data Invalid Date

Use this command to verify the date that a specific secret data entry will become invalid.

Secret Data Name: The name of the secret data entry you wish to confirm the expiration date for.

Secret Data ID: The 24 character ID number associated with a secret data entry.

When you click Submit, the information is sent to the AKM server and the application responds with the result of your request:


------------------------------------------
Command: Get Secret Data Invalid Date
------------------------------------------
Server: SUPPORT AKM 1 (10.0.0.177 port 6001)
 Transaction Length: 00016
 Transaction Id: 1290
 Return Code: 0
 Command completed successfully.
Command Output: 
 Secret Data Invalid Date: 20210318
---------------------------------------
End Get Secret Data Invalid Date Command
---------------------------------------

If Return Code is “0”, the command completed successfully and the output returns the Secret Data Invalid Date.

Get Secret Data Mirror Flag

Use this command to confirm whether a secret data entry is set to mirror.

Secret Data Name: The name of the secret data entry you wish to inspect.

Secret Data ID: The 24 character ID associated with the secret data entry you wish to check the mirror flag for.

When you click Submit, the information is sent to the AKM server and the application responds with the result of your request:


------------------------------------------
Command: Get Secret Data Mirror Flag
------------------------------------------
Server: SUPPORT AKM 1 (10.0.0.177 port 6001)
 Transaction Length: 00009
 Transaction Id: 1298
 Return Code: 0
 Command completed successfully.
Command Output: 
 Secret Data Mirror Flag: Y
---------------------------------------
End Get Secret Data Mirror Flag Command
---------------------------------------

The output returns the Secret Data Mirror Flag. In the example above the flag is “Y”.

Get Secret Data Size

Use this command to display the size of a given secret data entry.

Secret Data Name: The name of the secret data entry you wish to inspect.

Secret Data ID: The 24 character ID associated with the secret data entry.

When you click Submit, the information is sent to the AKM server and the application responds with the result of your request:


------------------------------------------
Command: Get Secret Data Size
------------------------------------------
Server: SUPPORT AKM 1 (10.0.0.177 port 6001)
 Transaction Length: 00015
 Transaction Id: 1286
 Return Code: 0
 Command completed successfully.
Command Output: 
 Secret Data Size: 0000015
---------------------------------------
End Get Secret Data Size Command
---------------------------------------

The output lists the file size.

Get Secret Data Type

Use this command to view the type that has been specified for a secret data entry.

Secret Data Name: The name of the secret data entry you wish to check the type of.

Secret Data ID: The ID associated with the specified secret data entry.

When you click Submit, the information is sent to the AKM server and the application responds with the result of your request:


------------------------------------------
Command: Get Secret Data Type
------------------------------------------
Server: SUPPORT AKM 1 (10.0.0.177 port 6001)
 Transaction Length: 00016
 Transaction Id: 1284
 Return Code: 0
 Command completed successfully.
Command Output: 
 Secret Data Type: CERT    
---------------------------------------
End Get Secret Data Type Command
---------------------------------------

If Return Code is “0” then the command was successful.

Get Secret Data Valid Date

Use this command to verify the date on which a specific secret data entry becomes valid.

Secret Data Name: The name of the secret data entry you wish to inspect.

Secret Data ID: The ID associated with the secret data entry.

When you click Submit, the information is sent to the AKM server and the application responds with the result of your request:



------------------------------------------
Command: Get Secret Data Valid Date
------------------------------------------
Server: SUPPORT AKM 1 (10.0.0.177 port 6001)
 Transaction Length: 00016
 Transaction Id: 1288
 Return Code: 0
 Command completed successfully.
Command Output: 
 Secret Data Valid Date: 00000000
---------------------------------------
End Get Secret Data Valid Date Command
---------------------------------------

If Return Code is “0”, the command completed successfully and the output returns the Secret Data Valid Date.

Import Secret Data

This command allows you to specify files or text to be stored as secret data. You will be able to transmit up to 1 MB of secret data using this command. Note that when you use Base64 or Hex encoding, the actual size of the secret data will be less than the size transmitted.

Secret Data Name: The name you would like the secret data to be listed as in the AKM.

Secret Data Type: The type of secret data you will be importing. This does not affect the file at all; it is for your own reference.

You can set both the valid date and the invalid date. Secret data past its valid date will no longer be retrievable. You can change these dates later from the admin console, using the ‘Set Secret Data Valid Date’ and ‘Set Secret Data Invalid Date’ commands.

Secret Data Format allows you to specify the format you would like the secret data imported as. The available options are as follows:

  • RSA
  • BIN
  • B16
  • B64

Choose File allows you to specify a file to store on AKM as secret data. Keep in mind that the file size limit for imports is 1 MB.

When you click Submit, the information is sent to the AKM server and the application responds with the result of your request:


------------------------------------------
Command: Import Secret Data
------------------------------------------
Server: SUPPORT AKM 1 (10.0.0.177 port 6001)
 Transaction Length: 00008
 Transaction Id: 1304
 Return Code: 0
 Command completed successfully.
Command Output: 
 No additional command output
---------------------------------------
End Import Secret Data Command
---------------------------------------

The output echoes the Secret Data ID of the file imported. A return code of “0” signifies that the command completed successfully.

List Secret Data

Use this command to list all secret data stored on the AKM you are connected to.

When you click Submit, the information is sent to the AKM server and the application responds with the result of your request:


Muoitest (10.0.0.177 port 6001)
------------------------------------------
Command: List Secret Data
------------------------------------------
Server: SUPPORT AKM1 (10.0.0.177 port 6001)
 Transaction Length: 00015
 Transaction Id: 1300
 Return Code: 0
 Command completed successfully.
Command Output:
 Secret Data Name List: 2
  Bailey (zgTZdJUH0H3ZRVMkAfZQDQ==)
  Cat (IG5Jmhtg0P7BbaKNGCPuIw==)
  
---------------------------------------
End List Secret Data Command
---------------------------------------

If Return Code is “0” then the command was successful.

Remove Secret Data Group

Use this command to remove a specified group’s access to a selected secret data entry.

Secret Data Name: The name of the secret data entry you wish to remove a group’s access to.

Group Name: The name of the group you wish to revoke access from.

When you click Submit, the information is sent to the AKM server and the application responds with the result of your request:


------------------------------------------
Command: Remove Secret Data Group
------------------------------------------
Server: SUPPORT AKM 1 (10.0.0.177 port 6001)
 Transaction Length: 00008
 Transaction Id: 1304
 Return Code: 0
 Command completed successfully.
Command Output: 
 No additional command output
---------------------------------------
End Remove Secret Data Group Command
---------------------------------------

If Return Code is “0” then the command was successful.

Remove Secret Data User

Use this command to remove a user’s access to a specified secret data entry.

Secret Data Name: The name of the secret data entry you wish to remove a user from.

User Name: The name of the user to remove from the access list.

When you click Submit, the information is sent to the AKM server and the application responds with the result of your request:


------------------------------------------
Command: Remove Secret Data User
------------------------------------------
Server: SUPPORT AKM 1 (10.0.0.177 port 6001)
 Transaction Length: 00008
 Transaction Id: 1266
 Return Code: 0
 Command completed successfully.
Command Output: 
 No additional command output
---------------------------------------
End Set Secret Data User Command
---------------------------------------

If Return Code is “0” then the command was successful.

Set Secret Data Access

Use this command to set the access control for a selected secret data entry. You can select User/Group to turn on user and group access controls, or select Anyone to allow open access to the specified secret data.

Secret Data Name: The name of the secret data entry you wish to set access for.

Secret Data ID: The 24 character ID associated with the specified secret data entry.

  • Anyone
  • User/Group

When you click Submit, the information is sent to the AKM server and the application responds with the result of your request:


------------------------------------------
Command: Set Secret Data Access
------------------------------------------
Server: SUPPORT AKM 1 (10.0.0.177 port 6001)
 Transaction Length: 00008
 Transaction Id: 1264
 Return Code: 0
 Command completed successfully.
Command Output: 
 No additional command output
---------------------------------------
End Set Secret Data Access Command
---------------------------------------

If Return Code is “0” then the command was successful.

Set Secret Data Deletable Flag

Use this command to change the deletable flag that has been set for a specified secret data entry. The options are ‘Yes’ for deletable and ‘No’ for non-deletable.

Secret Data Name: The name of the secret data entry you wish to set the deletable flag for.

Secret Data ID: The 24 character ID associated with the specified secret data entry.

  • Yes
  • No

When you click Submit, the information is sent to the AKM server and the application responds with the result of your request:


------------------------------------------
Command: Set Secret Data Deletable Flag
------------------------------------------
Server: SUPPORT AKM 1 (10.0.0.177 port 6001)
 Transaction Length: 00008
 Transaction Id: 1272
 Return Code: 0
 Command completed successfully.
Command Output: 
 No additional command output
---------------------------------------
End Set Secret Data Deletable Flag Command
---------------------------------------

If Return Code is “0” then the command was successful.

Set Secret Data Group

Use this command to set the group that will have access to a specified secret data entry.

Secret Data Name: The name of the secret data entry you wish to set the group for.

Group Name: The name of the group you wish to allow access for.

When you click Submit, the information is sent to the AKM server and the application responds with the result of your request:


------------------------------------------
Command: Set Secret Data Group
------------------------------------------
Server: SUPPORT AKM 1 (10.0.0.177 port 6001)
 Transaction Length: 00008
 Transaction Id: 1268
 Return Code: 0
 Command completed successfully.
Command Output: 
 No additional command output
---------------------------------------
End Set Secret Data Group Command
---------------------------------------

If Return Code is “0” then the command was successful.

Set Secret Data Invalid Date

Use this command to set the date on which a specified secret data entry will become invalid.

Secret Data Name: The name of the secret data entry you wish to set the invalid date for.

Secret Data ID: The 24 character ID associated with the specified secret data entry.

Invalid Date: Select a date.

When you click Submit, the information is sent to the AKM server and the application responds with the result of your request:


------------------------------------------
Command: 
------------------------------------------

If Return Code is “0” then the command was successful.

Set Secret Data Mirror Flag

Use this command to set whether a specific secret data entry will mirror.

Secret Data Name: The name of the secret data entry you wish to set the mirror flag on.

Secret Data ID: The 24 character ID associated with the specified secret data entry.

Mirror Secret Data: Select Yes to allow secret data to mirror, or No to prevent mirroring.

When you click Submit, the information is sent to the AKM server and the application responds with the result of your request:


------------------------------------------
Command: Set Secret Data Mirror Flag
------------------------------------------
Server: SUPPORT AKM 1 (10.0.0.177 port 6001)
 Transaction Length: 00008
 Transaction Id: 1270
 Return Code: 0
 Command completed successfully.
Command Output: 
 No additional command output
---------------------------------------
End Set Secret Data Mirror Flag Command
---------------------------------------

If Return Code is “0” then the command was successful.

Set Secret Data User

Use this command to assign a user to a specific piece of secret data.

Secret Data Name: The name of the secret data entry you wish to assign the user to.

User Name: Enter the user you wish to assign the secret data entry to.

When you click Submit, the information is sent to the AKM server and the application responds with the result of your request:


------------------------------------------
Command: Set Secret Data User
------------------------------------------
Server: SUPPORT AKM 1 (10.0.0.177 port 6001)
 Transaction Length: 00008
 Transaction Id: 1266
 Return Code: 0
 Command completed successfully.
Command Output: 
 No additional command output
---------------------------------------
End Set Secret Data User Command
---------------------------------------

If Return Code is “0” then the command was successful.

Set Secret Data Valid Date

Use this command to set the date on which a specified secret data entry will become valid.

Secret Data Name: The name of the secret data entry you wish to set the valid date for.

Secret Data ID: The ID associated with the specified secret data entry.

Invalid Date: Select a date.

When you click Submit, the information is sent to the AKM server and the application responds with the result of your request:


------------------------------------------
Command:
------------------------------------------

If Return Code is “0” then the command was successful.