c

com.digitalasset.canton.console.commands

SecretKeyAdministration

class SecretKeyAdministration extends Helpful with FeatureFlagFilter

Ordering
  1. Alphabetic
  2. By Inheritance
Inherited
  1. SecretKeyAdministration
  2. FeatureFlagFilter
  3. NamedLogging
  4. Helpful
  5. AnyRef
  6. Any
  1. Hide All
  2. Show All
Visibility
  1. Public
  2. Protected

Instance Constructors

  1. new SecretKeyAdministration(instance: InstanceReference, runner: AdminCommandRunner, consoleEnvironment: ConsoleEnvironment, loggerFactory: NamedLoggerFactory)

Value Members

  1. final def !=(arg0: Any): Boolean
    Definition Classes
    AnyRef → Any
  2. final def ##: Int
    Definition Classes
    AnyRef → Any
  3. final def ==(arg0: Any): Boolean
    Definition Classes
    AnyRef → Any
  4. final def asInstanceOf[T0]: T0
    Definition Classes
    Any
  5. def cantonConfig: CantonConfig
    Attributes
    protected
    Definition Classes
    FeatureFlagFilter
  6. def check[T](flag: FeatureFlag)(command: => T): T
    Attributes
    protected
    Definition Classes
    FeatureFlagFilter
  7. def clone(): AnyRef
    Attributes
    protected[lang]
    Definition Classes
    AnyRef
    Annotations
    @throws(classOf[java.lang.CloneNotSupportedException]) @IntrinsicCandidate() @native()
  8. val consoleEnvironment: ConsoleEnvironment
    Attributes
    protected
    Definition Classes
    SecretKeyAdministrationFeatureFlagFilter
  9. def delete(fingerprint: Fingerprint, force: Boolean = false): Unit
    Annotations
    @Summary(s = "Delete private key", flag = console.this.Help.Summary.<init>$default$2)
  10. def download(fingerprint: Fingerprint, protocolVersion: ProtocolVersion = ProtocolVersion.latest, password: Option[String] = None): ByteString
    Annotations
    @Summary(s = "Download key pair", flag = FeatureFlag.Preview) @Description(s = """Download the key pair with the private and public key in its binary representation.
    |fingerprint: The identifier of the key pair to download
    |protocolVersion: The (optional) protocol version that defines the serialization of the key pair
    |password: Optional password to encrypt the exported key pair with"""    )
  11. def download_to(fingerprint: Fingerprint, outputFile: String, protocolVersion: ProtocolVersion = ProtocolVersion.latest, password: Option[String] = None): Unit
    Annotations
    @Summary(s = "Download key pair and save it to a file", flag = console.this.Help.Summary.<init>$default$2) @Description(s = """Download the key pair with the private and public key in its binary representation and store it in a file.
    |fingerprint: The identifier of the key pair to download
    |outputFile: The name of the file to store the key pair in
    |protocolVersion: The (optional) protocol version that defines the serialization of the key pair
    |password: Optional password to encrypt the exported key pair with"""    )
  12. final def eq(arg0: AnyRef): Boolean
    Definition Classes
    AnyRef
  13. def equals(arg0: AnyRef): Boolean
    Definition Classes
    AnyRef → Any
  14. implicit def errorLoggingContext(implicit traceContext: TraceContext): ErrorLoggingContext
    Attributes
    protected
    Definition Classes
    NamedLogging
  15. def generate_encryption_key(name: String = "", keySpec: Option[EncryptionKeySpec] = None): EncryptionPublicKey
    Annotations
    @Summary(s = "Generate new public/private key pair for encryption and store it in the vault", flag = console.this.Help.Summary.<init>$default$2) @Description(s = """
    |The optional name argument allows you to store an associated string for your convenience.
    |The keySpec can be used to select a key specification, e.g., which elliptic curve to use, and the default spec is used if left unspecified."""    )
  16. def generate_signing_key(name: String = "", usage: Set[SigningKeyUsage], keySpec: Option[SigningKeySpec] = None): SigningPublicKey
    Annotations
    @Summary(s = "Generate new public/private key pair for signing and store it in the vault", flag = console.this.Help.Summary.<init>$default$2) @Description(s = """
    |The optional name argument allows you to store an associated string for your convenience.
    |The usage specifies the intended use for the signing key that can be:
    | - Namespace: for the root namespace key that defines a node's identity and signs topology requests;
    | - SequencerAuthentication: for a signing key that authenticates members of the network towards a sequencer;
    | - Protocol: for a signing key that deals with all the signing that happens as part of the protocol.
    |The keySpec can be used to select a key specification, e.g., which elliptic curve to use, and the default spec is used if left unspecified."""    )
  17. final def getClass(): Class[_ <: AnyRef]
    Definition Classes
    AnyRef → Any
    Annotations
    @IntrinsicCandidate() @native()
  18. def get_wrapper_key_id(): String
    Annotations
    @Summary(s = "Get the wrapper key id that is used for the encrypted private keys store", flag = console.this.Help.Summary.<init>$default$2)
  19. def hashCode(): Int
    Definition Classes
    AnyRef → Any
    Annotations
    @IntrinsicCandidate() @native()
  20. def help(methodName: String)(implicit consoleEnvironment: ConsoleEnvironment): Unit
    Definition Classes
    Helpful
    Annotations
    @Summary(s = "Help for specific commands (use help() or help(\"method\") for more information)", flag = console.this.Help.Summary.<init>$default$2) @Topic(t = Seq("Top-level Commands"))
  21. def help()(implicit consoleEnvironment: ConsoleEnvironment): Unit
    Definition Classes
    Helpful
  22. final def isInstanceOf[T0]: Boolean
    Definition Classes
    Any
  23. def list(filterFingerprint: String = "", filterName: String = "", filterPurpose: Set[KeyPurpose] = Set.empty, filterUsage: Set[SigningKeyUsage] = Set.empty): Seq[PrivateKeyMetadata]
    Annotations
    @Summary(s = "List keys in private vault", flag = console.this.Help.Summary.<init>$default$2) @Description(s = """Returns all public keys to the corresponding private keys in the key vault.
    |Optional arguments can be used for filtering."""    )
  24. def logger: TracedLogger
    Attributes
    protected
    Definition Classes
    NamedLogging
  25. val loggerFactory: NamedLoggerFactory
    Attributes
    protected
    Definition Classes
    SecretKeyAdministrationNamedLogging
  26. implicit def namedLoggingContext(implicit traceContext: TraceContext): NamedLoggingContext
    Attributes
    protected
    Definition Classes
    NamedLogging
  27. final def ne(arg0: AnyRef): Boolean
    Definition Classes
    AnyRef
  28. def noTracingLogger: Logger
    Attributes
    protected
    Definition Classes
    NamedLogging
  29. final def notify(): Unit
    Definition Classes
    AnyRef
    Annotations
    @IntrinsicCandidate() @native()
  30. final def notifyAll(): Unit
    Definition Classes
    AnyRef
    Annotations
    @IntrinsicCandidate() @native()
  31. def register_kms_encryption_key(kmsKeyId: String, name: String = ""): EncryptionPublicKey
    Annotations
    @Summary(s = "Register the specified KMS encryption key in canton storing its public information in the vault", flag = console.this.Help.Summary.<init>$default$2) @Description(s = """
    |The id for the KMS encryption key.
    |The optional name argument allows you to store an associated string for your convenience."""    )
  32. def register_kms_signing_key(kmsKeyId: String, usage: Set[SigningKeyUsage], name: String = ""): SigningPublicKey
    Annotations
    @Summary(s = "Register the specified KMS signing key in canton storing its public information in the vault", flag = console.this.Help.Summary.<init>$default$2) @Description(s = """
    |The id for the KMS signing key.
    |The usage specifies the intended use for the signing key that can be:
    | - Namespace: for the root namespace key that defines a node's identity and signs topology requests;
    | - SequencerAuthentication: for a signing key that authenticates members of the network towards a sequencer;
    | - Protocol: for a signing key that deals with all the signing that happens as part of the protocol.
    |The optional name argument allows you to store an associated string for your convenience."""    )
  33. def rotate_kms_node_key(fingerprint: String, newKmsKeyId: String, name: String = ""): PublicKey
    Annotations
    @Summary(s = "Rotate a given node's keypair with a new pre-generated KMS keypair", flag = console.this.Help.Summary.<init>$default$2) @Description(s = """Rotates an existing encryption or signing key stored externally in a KMS with a pre-generated
    key. NOTE: A namespace root signing key CANNOT be rotated by this command.
    |The fingerprint of the key we want to rotate.
    |The id of the new KMS key (e.g. Resource Name).
    |An optional name for the new key."""    )
  34. def rotate_node_key(fingerprint: String, name: String = ""): PublicKey
    Annotations
    @Summary(s = "Rotate a node's public/private key pair", flag = console.this.Help.Summary.<init>$default$2) @Description(s = """Rotates an existing encryption or signing key. NOTE: A namespace root or intermediate
    signing key CANNOT be rotated by this command.
    |The fingerprint of the key we want to rotate.
    |An optional name for the new key."""    )
  35. def rotate_node_keys(): Unit
    Annotations
    @Summary(s = "Rotate the node's public/private key pairs", flag = console.this.Help.Summary.<init>$default$2) @Description(s = """
    |For a participant node it rotates the signing and encryption key pair.
    |For a sequencer or mediator node it rotates the signing key pair as those nodes do not have an encryption key pair.
    |NOTE: Namespace root or intermediate signing keys are NOT rotated by this command."""    )
  36. def rotate_wrapper_key(newWrapperKeyId: String = ""): Unit
    Annotations
    @Summary(s = "Change the wrapper key for encrypted private keys store", flag = console.this.Help.Summary.<init>$default$2) @Description(s = """Change the wrapper key (e.g. AWS KMS key) being used to encrypt the private keys in the store.
    |newWrapperKeyId: The optional new wrapper key id to be used. If the wrapper key id is empty Canton will generate a new key based on the current configuration."""    )
  37. final def synchronized[T0](arg0: => T0): T0
    Definition Classes
    AnyRef
  38. def toString(): String
    Definition Classes
    AnyRef → Any
  39. def upload(pairBytes: ByteString, name: Option[String], password: Option[String] = None): Unit
    Annotations
    @Summary(s = "Upload a key pair", flag = console.this.Help.Summary.<init>$default$2) @Description(s = """Upload the previously downloaded key pair.
    |pairBytes: The binary representation of a previously downloaded key pair
    |name: The (optional) descriptive name of the key pair
    |password: Optional password to decrypt an encrypted key pair"""    )
  40. def upload_from(filename: String, name: Option[String], password: Option[String] = None): Unit
    Annotations
    @Summary(s = "Upload (load and import) a key pair from file", flag = console.this.Help.Summary.<init>$default$2) @Description(s = """Upload the previously downloaded key pair from a file.
    |filename: The name of the file holding the key pair
    |name: The (optional) descriptive name of the key pair
    |password: Optional password to decrypt an encrypted key pair"""    )
  41. final def wait(arg0: Long, arg1: Int): Unit
    Definition Classes
    AnyRef
    Annotations
    @throws(classOf[java.lang.InterruptedException])
  42. final def wait(arg0: Long): Unit
    Definition Classes
    AnyRef
    Annotations
    @throws(classOf[java.lang.InterruptedException]) @native()
  43. final def wait(): Unit
    Definition Classes
    AnyRef
    Annotations
    @throws(classOf[java.lang.InterruptedException])

Deprecated Value Members

  1. def finalize(): Unit
    Attributes
    protected[lang]
    Definition Classes
    AnyRef
    Annotations
    @throws(classOf[java.lang.Throwable]) @Deprecated
    Deprecated

    (Since version 9)

Inherited from FeatureFlagFilter

Inherited from NamedLogging

Inherited from Helpful

Inherited from AnyRef

Inherited from Any

Ungrouped