1{
2    "$id": "http://redfish.dmtf.org/schemas/v1/Key.v1_4_1.json",
3    "$ref": "#/definitions/Key",
4    "$schema": "http://redfish.dmtf.org/schemas/v1/redfish-schema-v1.json",
5    "copyright": "Copyright 2014-2024 DMTF. For the full DMTF copyright policy, see http://www.dmtf.org/about/policies/copyright",
6    "definitions": {
7        "Actions": {
8            "additionalProperties": false,
9            "description": "The available actions for this resource.",
10            "longDescription": "This type shall contain the available actions for this resource.",
11            "patternProperties": {
12                "^([a-zA-Z_][a-zA-Z0-9_]*)?@(odata|Redfish|Message)\\.[a-zA-Z_][a-zA-Z0-9_]*$": {
13                    "description": "This property shall specify a valid odata or Redfish property.",
14                    "type": [
15                        "array",
16                        "boolean",
17                        "integer",
18                        "number",
19                        "null",
20                        "object",
21                        "string"
22                    ]
23                }
24            },
25            "properties": {
26                "Oem": {
27                    "$ref": "#/definitions/OemActions",
28                    "description": "The available OEM-specific actions for this resource.",
29                    "longDescription": "This property shall contain the available OEM-specific actions for this resource."
30                }
31            },
32            "type": "object"
33        },
34        "Key": {
35            "additionalProperties": false,
36            "description": "The `Key` schema describes sensitive data for accessing devices or services.",
37            "longDescription": "This resource shall represent a key for a Redfish implementation.",
38            "patternProperties": {
39                "^([a-zA-Z_][a-zA-Z0-9_]*)?@(odata|Redfish|Message)\\.[a-zA-Z_][a-zA-Z0-9_]*$": {
40                    "description": "This property shall specify a valid odata or Redfish property.",
41                    "type": [
42                        "array",
43                        "boolean",
44                        "integer",
45                        "number",
46                        "null",
47                        "object",
48                        "string"
49                    ]
50                }
51            },
52            "properties": {
53                "@odata.context": {
54                    "$ref": "http://redfish.dmtf.org/schemas/v1/odata-v4.json#/definitions/context"
55                },
56                "@odata.etag": {
57                    "$ref": "http://redfish.dmtf.org/schemas/v1/odata-v4.json#/definitions/etag"
58                },
59                "@odata.id": {
60                    "$ref": "http://redfish.dmtf.org/schemas/v1/odata-v4.json#/definitions/id"
61                },
62                "@odata.type": {
63                    "$ref": "http://redfish.dmtf.org/schemas/v1/odata-v4.json#/definitions/type"
64                },
65                "Actions": {
66                    "$ref": "#/definitions/Actions",
67                    "description": "The available actions for this resource.",
68                    "longDescription": "This property shall contain the available actions for this resource."
69                },
70                "Description": {
71                    "anyOf": [
72                        {
73                            "$ref": "http://redfish.dmtf.org/schemas/v1/Resource.json#/definitions/Description"
74                        },
75                        {
76                            "type": "null"
77                        }
78                    ],
79                    "readonly": true
80                },
81                "Id": {
82                    "$ref": "http://redfish.dmtf.org/schemas/v1/Resource.json#/definitions/Id",
83                    "readonly": true
84                },
85                "KeyString": {
86                    "description": "The string for the key.",
87                    "longDescription": "This property shall contain the key, and the format shall follow the requirements specified by the `KeyType` property value.",
88                    "readonly": true,
89                    "type": [
90                        "string",
91                        "null"
92                    ]
93                },
94                "KeyType": {
95                    "anyOf": [
96                        {
97                            "$ref": "#/definitions/KeyType"
98                        },
99                        {
100                            "type": "null"
101                        }
102                    ],
103                    "description": "The format of the key.",
104                    "longDescription": "This property shall contain the format type for the key.",
105                    "readonly": true
106                },
107                "NVMeoF": {
108                    "$ref": "#/definitions/NVMeoF",
109                    "description": "NVMe-oF specific properties.",
110                    "longDescription": "This property shall contain NVMe-oF specific properties for this key.  This property shall be present if `KeyType` contains the value `NVMeoF`."
111                },
112                "Name": {
113                    "$ref": "http://redfish.dmtf.org/schemas/v1/Resource.json#/definitions/Name",
114                    "readonly": true
115                },
116                "Oem": {
117                    "$ref": "http://redfish.dmtf.org/schemas/v1/Resource.json#/definitions/Oem",
118                    "description": "The OEM extension property.",
119                    "longDescription": "This property shall contain the OEM extensions.  All values for properties that this object contains shall conform to the Redfish Specification-described requirements."
120                },
121                "SSH": {
122                    "$ref": "#/definitions/SSHType",
123                    "description": "SSH specific properties.",
124                    "longDescription": "This property shall contain SSH specific properties for this key.  This property shall be present if `KeyType` contains the value `SSH`.",
125                    "versionAdded": "v1_2_0"
126                },
127                "UserDescription": {
128                    "description": "A user-defined string to describe this key.",
129                    "longDescription": "This property shall contain a user-provided string that describes the key.",
130                    "readonly": false,
131                    "type": [
132                        "string",
133                        "null"
134                    ],
135                    "versionAdded": "v1_1_0"
136                }
137            },
138            "required": [
139                "@odata.id",
140                "@odata.type",
141                "Id",
142                "Name"
143            ],
144            "requiredOnCreate": [
145                "KeyString",
146                "KeyType"
147            ],
148            "type": "object"
149        },
150        "KeyType": {
151            "enum": [
152                "NVMeoF",
153                "SSH"
154            ],
155            "enumDescriptions": {
156                "NVMeoF": "An NVMe-oF key.",
157                "SSH": "An SSH public key."
158            },
159            "enumLongDescriptions": {
160                "NVMeoF": "This value shall indicate the format of the key is defined by one of the NVMe specifications.",
161                "SSH": "This value shall indicate the format of the key is defined by one of the SSH public key formats as defined in, but not limited to, RFC4253, RFC4716, or RFC8709."
162            },
163            "enumVersionAdded": {
164                "SSH": "v1_1_0"
165            },
166            "type": "string"
167        },
168        "NVMeoF": {
169            "additionalProperties": false,
170            "description": "NVMe-oF specific properties.",
171            "longDescription": "This type shall contain NVMe-oF specific properties for a key.",
172            "patternProperties": {
173                "^([a-zA-Z_][a-zA-Z0-9_]*)?@(odata|Redfish|Message)\\.[a-zA-Z_][a-zA-Z0-9_]*$": {
174                    "description": "This property shall specify a valid odata or Redfish property.",
175                    "type": [
176                        "array",
177                        "boolean",
178                        "integer",
179                        "number",
180                        "null",
181                        "object",
182                        "string"
183                    ]
184                }
185            },
186            "properties": {
187                "HostKeyId": {
188                    "description": "The identifier of the host key paired with this target key.",
189                    "longDescription": "This property shall contain the value of the `Id` property of the `Key` resource representing the host key paired with this target key.  An empty string shall indicate the key is not paired.  This property shall be absent for host keys.",
190                    "readonly": false,
191                    "type": [
192                        "string",
193                        "null"
194                    ]
195                },
196                "NQN": {
197                    "description": "The NVMe Qualified Name (NQN) of the host or target subsystem associated with this key.",
198                    "longDescription": "This property shall contain the NVMe Qualified Name (NQN) of the host or target subsystem associated with this key.  The value of this property shall follow the NQN format defined by the NVMe Base Specification.",
199                    "readonly": true,
200                    "type": [
201                        "string",
202                        "null"
203                    ]
204                },
205                "OEMSecurityProtocolType": {
206                    "description": "The OEM security protocol that this key uses.",
207                    "longDescription": "This property shall contain the OEM-defined security protocol that this key uses.  The value shall be derived from the contents of the `KeyString` property.  This property shall be present if `SecurityProtocolType` contains the value `OEM`.",
208                    "readonly": true,
209                    "type": [
210                        "string",
211                        "null"
212                    ]
213                },
214                "SecureHashAllowList": {
215                    "description": "The secure hash algorithms allowed with the usage of this key.",
216                    "items": {
217                        "anyOf": [
218                            {
219                                "$ref": "#/definitions/NVMeoFSecureHashType"
220                            },
221                            {
222                                "type": "null"
223                            }
224                        ]
225                    },
226                    "longDescription": "This property shall contain the secure hash algorithms allowed with the usage of this key.  An empty list or the absence of this property shall indicate any secure hash algorithms are allowed with this key.",
227                    "readonly": true,
228                    "type": "array"
229                },
230                "SecurityProtocolType": {
231                    "anyOf": [
232                        {
233                            "$ref": "#/definitions/NVMeoFSecurityProtocolType"
234                        },
235                        {
236                            "type": "null"
237                        }
238                    ],
239                    "description": "The security protocol that this key uses.",
240                    "longDescription": "This property shall contain the security protocol that this key uses.  The value shall be derived from the contents of the `KeyString` property.",
241                    "readonly": true
242                }
243            },
244            "requiredOnCreate": [
245                "NQN"
246            ],
247            "type": "object"
248        },
249        "NVMeoFSecureHashType": {
250            "description": "The NVMe secure hash algorithms that a key is allowed to use.",
251            "enum": [
252                "SHA256",
253                "SHA384",
254                "SHA512"
255            ],
256            "enumDescriptions": {
257                "SHA256": "SHA-256.",
258                "SHA384": "SHA-384.",
259                "SHA512": "SHA-512."
260            },
261            "enumLongDescriptions": {
262                "SHA256": "This value shall indicate the SHA-256 hash function as defined by the 'DH-HMAC-CHAP hash function identifiers' figure in the NVMe Base Specification.",
263                "SHA384": "This value shall indicate the SHA-384 hash function as defined by the 'DH-HMAC-CHAP hash function identifiers' figure in the NVMe Base Specification.",
264                "SHA512": "This value shall indicate the SHA-512 hash function as defined by the 'DH-HMAC-CHAP hash function identifiers' figure in the NVMe Base Specification."
265            },
266            "longDescription": "This enumeration shall list the NVMe secure hash algorithms that a key is allowed to use.",
267            "type": "string"
268        },
269        "NVMeoFSecurityProtocolType": {
270            "description": "The NVMe security protocols that a key protects.",
271            "enum": [
272                "DHHC",
273                "TLS_PSK",
274                "OEM"
275            ],
276            "enumDescriptions": {
277                "DHHC": "Diffie-Hellman Hashed Message Authentication Code Challenge Handshake Authentication Protocol (DH-HMAC-CHAP).",
278                "OEM": "OEM.",
279                "TLS_PSK": "Transport Layer Security Pre-Shared Key (TLS PSK)."
280            },
281            "enumLongDescriptions": {
282                "DHHC": "This value shall indicate the Diffie-Hellman Hashed Message Authentication Code Challenge Handshake Authentication Protocol (DH-HMAC-CHAP) as defined by the NVMe Base Specification.",
283                "OEM": "This value shall indicate an OEM-defined security protocol.  The `OEMSecurityProtocolType` property shall contain the specific OEM protocol.",
284                "TLS_PSK": "This value shall indicate Transport Layer Security Pre-Shared Key (TLS PSK) as defined by the NVMe TCP Transport Specification."
285            },
286            "longDescription": "This enumeration shall list the NVMe security protocols that a key protects.",
287            "type": "string"
288        },
289        "OemActions": {
290            "additionalProperties": true,
291            "description": "The available OEM-specific actions for this resource.",
292            "longDescription": "This type shall contain the available OEM-specific actions for this resource.",
293            "patternProperties": {
294                "^([a-zA-Z_][a-zA-Z0-9_]*)?@(odata|Redfish|Message)\\.[a-zA-Z_][a-zA-Z0-9_]*$": {
295                    "description": "This property shall specify a valid odata or Redfish property.",
296                    "type": [
297                        "array",
298                        "boolean",
299                        "integer",
300                        "number",
301                        "null",
302                        "object",
303                        "string"
304                    ]
305                }
306            },
307            "properties": {},
308            "type": "object"
309        },
310        "SSHType": {
311            "additionalProperties": false,
312            "description": "SSH specific properties.",
313            "longDescription": "This type shall contain SSH specific properties for a key.",
314            "patternProperties": {
315                "^([a-zA-Z_][a-zA-Z0-9_]*)?@(odata|Redfish|Message)\\.[a-zA-Z_][a-zA-Z0-9_]*$": {
316                    "description": "This property shall specify a valid odata or Redfish property.",
317                    "type": [
318                        "array",
319                        "boolean",
320                        "integer",
321                        "number",
322                        "null",
323                        "object",
324                        "string"
325                    ]
326                }
327            },
328            "properties": {
329                "Comment": {
330                    "description": "The user-specified comment associated with this key, which typically contains the client's username and host name.",
331                    "longDescription": "This property shall contain the user-specified comment associated with this key, which typically contains the client's username and host name.",
332                    "readonly": true,
333                    "type": [
334                        "string",
335                        "null"
336                    ],
337                    "versionAdded": "v1_4_0"
338                },
339                "Fingerprint": {
340                    "description": "A fingerprint of the key.",
341                    "longDescription": "This property shall contain the fingerprint of the key.",
342                    "pattern": "(^MD5(:[0-9a-f]{2})+$)|(^SHA256:[A-Za-z0-9+/=]+$)",
343                    "readonly": true,
344                    "type": [
345                        "string",
346                        "null"
347                    ],
348                    "versionAdded": "v1_2_0"
349                },
350                "RemoteServerHostName": {
351                    "description": "The host name of the remote server associated with this key.",
352                    "longDescription": "This property shall contain the host name of the remote server associated with this key.",
353                    "readonly": true,
354                    "type": [
355                        "string",
356                        "null"
357                    ],
358                    "versionAdded": "v1_3_0"
359                }
360            },
361            "type": "object"
362        }
363    },
364    "language": "en",
365    "owningEntity": "DMTF",
366    "release": "2023.3",
367    "title": "#Key.v1_4_1.Key"
368}