class LocalSecretKeyAdministration extends SecretKeyAdministration
Linear Supertypes
Ordering
- Alphabetic
- By Inheritance
Inherited
- LocalSecretKeyAdministration
- SecretKeyAdministration
- FeatureFlagFilter
- NamedLogging
- Helpful
- AnyRef
- Any
- Hide All
- Show All
Visibility
- Public
- Protected
Instance Constructors
- new LocalSecretKeyAdministration(instance: InstanceReference, runner: AdminCommandRunner, consoleEnvironment: ConsoleEnvironment, crypto: => Crypto, loggerFactory: NamedLoggerFactory)(implicit executionContext: ExecutionContext)
Value Members
- final def !=(arg0: Any): Boolean
- Definition Classes
- AnyRef → Any
- final def ##: Int
- Definition Classes
- AnyRef → Any
- final def ==(arg0: Any): Boolean
- Definition Classes
- AnyRef → Any
- final def asInstanceOf[T0]: T0
- Definition Classes
- Any
- def cantonConfig: CantonConfig
- Attributes
- protected
- Definition Classes
- FeatureFlagFilter
- def check[T](flag: FeatureFlag)(command: => T): T
- Attributes
- protected
- Definition Classes
- FeatureFlagFilter
- def clone(): AnyRef
- Attributes
- protected[lang]
- Definition Classes
- AnyRef
- Annotations
- @throws(classOf[java.lang.CloneNotSupportedException]) @IntrinsicCandidate() @native()
- val consoleEnvironment: ConsoleEnvironment
- Attributes
- protected
- Definition Classes
- SecretKeyAdministration → FeatureFlagFilter
- def delete(fingerprint: Fingerprint, force: Boolean = false): Unit
- Definition Classes
- SecretKeyAdministration
- Annotations
- @Summary(s = "Delete private key", flag = console.this.Help.Summary.<init>$default$2)
- def download(fingerprint: Fingerprint, protocolVersion: ProtocolVersion = ProtocolVersion.latest, password: Option[String] = None): ByteString
- Definition Classes
- LocalSecretKeyAdministration → SecretKeyAdministration
- Annotations
- @Summary(s = "Download key pair", flag = console.this.Help.Summary.<init>$default$2)
- def download_to(fingerprint: Fingerprint, outputFile: String, protocolVersion: ProtocolVersion = ProtocolVersion.latest, password: Option[String] = None): Unit
- Definition Classes
- LocalSecretKeyAdministration → SecretKeyAdministration
- Annotations
- @Summary(s = "Download key pair and save it to a file", flag = console.this.Help.Summary.<init>$default$2)
- final def eq(arg0: AnyRef): Boolean
- Definition Classes
- AnyRef
- def equals(arg0: AnyRef): Boolean
- Definition Classes
- AnyRef → Any
- implicit def errorLoggingContext(implicit traceContext: TraceContext): ErrorLoggingContext
- Attributes
- protected
- Definition Classes
- NamedLogging
- def generate_encryption_key(name: String = "", keySpec: Option[EncryptionKeySpec] = None): EncryptionPublicKey
- Definition Classes
- SecretKeyAdministration
- Annotations
- @Summary(s = "Generate new public/private key pair for encryption and store it in the vault", flag = console.this.Help.Summary.<init>$default$2) @Description(s = """
|The optional name argument allows you to store an associated string for your convenience.
|The keySpec can be used to select a key specification, e.g., which elliptic curve to use, and the default spec is used if left unspecified.""")
- def generate_signing_key(name: String = "", usage: Set[SigningKeyUsage], keySpec: Option[SigningKeySpec] = None): SigningPublicKey
- Definition Classes
- SecretKeyAdministration
- Annotations
- @Summary(s = "Generate new public/private key pair for signing and store it in the vault", flag = console.this.Help.Summary.<init>$default$2) @Description(s = """
|The optional name argument allows you to store an associated string for your convenience.
|The usage specifies the intended use for the signing key that can be:
| - Namespace: for the root namespace key that defines a node's identity and signs topology requests;
| - SequencerAuthentication: for a signing key that authenticates members of the network towards a sequencer;
| - Protocol: for a signing key that deals with all the signing that happens as part of the protocol.
|The keySpec can be used to select a key specification, e.g., which elliptic curve to use, and the default spec is used if left unspecified.""")
- final def getClass(): Class[_ <: AnyRef]
- Definition Classes
- AnyRef → Any
- Annotations
- @IntrinsicCandidate() @native()
- def get_wrapper_key_id(): String
- Definition Classes
- SecretKeyAdministration
- Annotations
- @Summary(s = "Get the wrapper key id that is used for the encrypted private keys store", flag = console.this.Help.Summary.<init>$default$2)
- def hashCode(): Int
- Definition Classes
- AnyRef → Any
- Annotations
- @IntrinsicCandidate() @native()
- def help(methodName: String)(implicit consoleEnvironment: ConsoleEnvironment): Unit
- Definition Classes
- Helpful
- Annotations
- @Summary(s = "Help for specific commands (use help() or help(\"method\") for more information)", flag = console.this.Help.Summary.<init>$default$2) @Topic(t = Seq("Top-level Commands"))
- def help()(implicit consoleEnvironment: ConsoleEnvironment): Unit
- Definition Classes
- Helpful
- final def isInstanceOf[T0]: Boolean
- Definition Classes
- Any
- def list(filterFingerprint: String = "", filterName: String = "", filterPurpose: Set[KeyPurpose] = Set.empty, filterUsage: Set[SigningKeyUsage] = Set.empty): Seq[PrivateKeyMetadata]
- Definition Classes
- SecretKeyAdministration
- Annotations
- @Summary(s = "List keys in private vault", flag = console.this.Help.Summary.<init>$default$2) @Description(s = """Returns all public keys to the corresponding private keys in the key vault.
|Optional arguments can be used for filtering.""")
- def logger: TracedLogger
- Attributes
- protected
- Definition Classes
- NamedLogging
- val loggerFactory: NamedLoggerFactory
- Attributes
- protected
- Definition Classes
- SecretKeyAdministration → NamedLogging
- implicit def namedLoggingContext(implicit traceContext: TraceContext): NamedLoggingContext
- Attributes
- protected
- Definition Classes
- NamedLogging
- final def ne(arg0: AnyRef): Boolean
- Definition Classes
- AnyRef
- def noTracingLogger: Logger
- Attributes
- protected
- Definition Classes
- NamedLogging
- final def notify(): Unit
- Definition Classes
- AnyRef
- Annotations
- @IntrinsicCandidate() @native()
- final def notifyAll(): Unit
- Definition Classes
- AnyRef
- Annotations
- @IntrinsicCandidate() @native()
- def register_kms_encryption_key(kmsKeyId: String, name: String = ""): EncryptionPublicKey
- Definition Classes
- SecretKeyAdministration
- Annotations
- @Summary(s = "Register the specified KMS encryption key in canton storing its public information in the vault", flag = console.this.Help.Summary.<init>$default$2) @Description(s = """
|The id for the KMS encryption key.
|The optional name argument allows you to store an associated string for your convenience.""")
- def register_kms_signing_key(kmsKeyId: String, usage: Set[SigningKeyUsage], name: String = ""): SigningPublicKey
- Definition Classes
- SecretKeyAdministration
- Annotations
- @Summary(s = "Register the specified KMS signing key in canton storing its public information in the vault", flag = console.this.Help.Summary.<init>$default$2) @Description(s = """
|The id for the KMS signing key.
|The usage specifies the intended use for the signing key that can be:
| - Namespace: for the root namespace key that defines a node's identity and signs topology requests;
| - SequencerAuthentication: for a signing key that authenticates members of the network towards a sequencer;
| - Protocol: for a signing key that deals with all the signing that happens as part of the protocol.
|The optional name argument allows you to store an associated string for your convenience.""")
- def rotate_kms_node_key(fingerprint: String, newKmsKeyId: String, name: String = ""): PublicKey
- Definition Classes
- SecretKeyAdministration
- Annotations
- @Summary(s = "Rotate a given node's keypair with a new pre-generated KMS keypair", flag = console.this.Help.Summary.<init>$default$2) @Description(s = """Rotates an existing encryption or signing key stored externally in a KMS with a pre-generated
key. NOTE: A namespace root signing key CANNOT be rotated by this command.
|The fingerprint of the key we want to rotate.
|The id of the new KMS key (e.g. Resource Name).
|An optional name for the new key.""")
- def rotate_node_key(fingerprint: String, name: String = ""): PublicKey
- Definition Classes
- SecretKeyAdministration
- Annotations
- @Summary(s = "Rotate a node's public/private key pair", flag = console.this.Help.Summary.<init>$default$2) @Description(s = """Rotates an existing encryption or signing key. NOTE: A namespace root or intermediate
signing key CANNOT be rotated by this command.
|The fingerprint of the key we want to rotate.
|An optional name for the new key.""")
- def rotate_node_keys(): Unit
- Definition Classes
- SecretKeyAdministration
- Annotations
- @Summary(s = "Rotate the node's public/private key pairs", flag = console.this.Help.Summary.<init>$default$2) @Description(s = """
|For a participant node it rotates the signing and encryption key pair.
|For a sequencer or mediator node it rotates the signing key pair as those nodes do not have an encryption key pair.
|NOTE: Namespace root or intermediate signing keys are NOT rotated by this command.""")
- def rotate_wrapper_key(newWrapperKeyId: String = ""): Unit
- Definition Classes
- SecretKeyAdministration
- Annotations
- @Summary(s = "Change the wrapper key for encrypted private keys store", flag = console.this.Help.Summary.<init>$default$2) @Description(s = """Change the wrapper key (e.g. AWS KMS key) being used to encrypt the private keys in the store.
|newWrapperKeyId: The optional new wrapper key id to be used. If the wrapper key id is empty Canton will generate a new key based on the current configuration.""")
- final def synchronized[T0](arg0: => T0): T0
- Definition Classes
- AnyRef
- def toString(): String
- Definition Classes
- AnyRef → Any
- def upload(pairBytes: ByteString, name: Option[String], password: Option[String] = None): Unit
- Definition Classes
- SecretKeyAdministration
- Annotations
- @Summary(s = "Upload a key pair", flag = console.this.Help.Summary.<init>$default$2) @Description(s = """Upload the previously downloaded key pair.
|pairBytes: The binary representation of a previously downloaded key pair
|name: The (optional) descriptive name of the key pair
|password: Optional password to decrypt an encrypted key pair""")
- def upload_from(filename: String, name: Option[String], password: Option[String] = None): Unit
- Definition Classes
- SecretKeyAdministration
- Annotations
- @Summary(s = "Upload (load and import) a key pair from file", flag = console.this.Help.Summary.<init>$default$2) @Description(s = """Upload the previously downloaded key pair from a file.
|filename: The name of the file holding the key pair
|name: The (optional) descriptive name of the key pair
|password: Optional password to decrypt an encrypted key pair""")
- final def wait(arg0: Long, arg1: Int): Unit
- Definition Classes
- AnyRef
- Annotations
- @throws(classOf[java.lang.InterruptedException])
- final def wait(arg0: Long): Unit
- Definition Classes
- AnyRef
- Annotations
- @throws(classOf[java.lang.InterruptedException]) @native()
- final def wait(): Unit
- Definition Classes
- AnyRef
- Annotations
- @throws(classOf[java.lang.InterruptedException])