1b1b4d261SWilliam A. Kennington IIIdescription: > 2b1b4d261SWilliam A. Kennington III Implement to create Certificate Signing Request(CSR). 3b1b4d261SWilliam A. Kennington III 4b1b4d261SWilliam A. Kennington IIImethods: 5b1b4d261SWilliam A. Kennington III - name: GenerateCSR 6b1b4d261SWilliam A. Kennington III description: > 7*a1347418SPatrick Williams This command is used to initiate a certificate signing request. This 8*a1347418SPatrick Williams command only returns the D-Bus path name for the new CSR object. User 9*a1347418SPatrick Williams need to listen on InterfacesAdded signal emitted by 10*a1347418SPatrick Williams /xyz/openbmc_project/Certs to retrieve the CSR string after successful 11*a1347418SPatrick Williams CSR creation. 12b1b4d261SWilliam A. Kennington III 13b1b4d261SWilliam A. Kennington III Note: Following Parameters are mandatory or optional based on the 14b1b4d261SWilliam A. Kennington III Redfish documentation. 15b1b4d261SWilliam A. Kennington III 16b1b4d261SWilliam A. Kennington III Caller is responsible for the input parameter validation. 17b1b4d261SWilliam A. Kennington III 18b1b4d261SWilliam A. Kennington III If the caller does not wish a field to be included in the 19b1b4d261SWilliam A. Kennington III CSR Request, initialize the Parameter with blank for strings 20b1b4d261SWilliam A. Kennington III and zero for integers. 21b1b4d261SWilliam A. Kennington III 22b1b4d261SWilliam A. Kennington III parameters: 23b1b4d261SWilliam A. Kennington III - name: AlternativeNames 24b1b4d261SWilliam A. Kennington III type: array[string] 25b1b4d261SWilliam A. Kennington III description: > 26b1b4d261SWilliam A. Kennington III Additional hostnames of the component that is being secured. 27b1b4d261SWilliam A. Kennington III - name: ChallengePassword 28b1b4d261SWilliam A. Kennington III type: string 29b1b4d261SWilliam A. Kennington III description: > 30b1b4d261SWilliam A. Kennington III The challenge password to be applied to the certificate for 31b1b4d261SWilliam A. Kennington III revocation requests. 32b1b4d261SWilliam A. Kennington III - name: City 33b1b4d261SWilliam A. Kennington III type: string 34b1b4d261SWilliam A. Kennington III description: > 35*a1347418SPatrick Williams The city or locality of the organization making the request. For 36*a1347418SPatrick Williams Example Austin This is a required parameter. 37b1b4d261SWilliam A. Kennington III - name: CommonName 38b1b4d261SWilliam A. Kennington III type: string 39b1b4d261SWilliam A. Kennington III description: > 40b1b4d261SWilliam A. Kennington III The fully qualified domain name of the component that is being 41*a1347418SPatrick Williams secured. This is a required parameter. 42b1b4d261SWilliam A. Kennington III - name: ContactPerson 43b1b4d261SWilliam A. Kennington III type: string 44b1b4d261SWilliam A. Kennington III description: > 45b1b4d261SWilliam A. Kennington III The name of the user making the request. 46b1b4d261SWilliam A. Kennington III - name: Country 47b1b4d261SWilliam A. Kennington III type: string 48b1b4d261SWilliam A. Kennington III description: > 49*a1347418SPatrick Williams The country of the organization making the request. This is a 50*a1347418SPatrick Williams required parameter. 51b1b4d261SWilliam A. Kennington III - name: Email 52b1b4d261SWilliam A. Kennington III type: string 53b1b4d261SWilliam A. Kennington III description: > 54*a1347418SPatrick Williams The email address of the contact within the organization making 55*a1347418SPatrick Williams the request. 56b1b4d261SWilliam A. Kennington III - name: GivenName 57b1b4d261SWilliam A. Kennington III type: string 58b1b4d261SWilliam A. Kennington III description: > 59b1b4d261SWilliam A. Kennington III The given name of the user making the request. 60b1b4d261SWilliam A. Kennington III - name: Initials 61b1b4d261SWilliam A. Kennington III type: string 62b1b4d261SWilliam A. Kennington III description: > 63b1b4d261SWilliam A. Kennington III The initials of the user making the request. 64b1b4d261SWilliam A. Kennington III - name: KeyBitLength 65b1b4d261SWilliam A. Kennington III type: int64 66b1b4d261SWilliam A. Kennington III description: > 67*a1347418SPatrick Williams The length of the key in bits, if needed based on the value of 68*a1347418SPatrick Williams the KeyPairAlgorithm parameter. 69b1b4d261SWilliam A. Kennington III 70b1b4d261SWilliam A. Kennington III Refer https://www.openssl.org/docs/man1.0.2/man1/genpkey.html 71b1b4d261SWilliam A. Kennington III - name: KeyCurveId 72b1b4d261SWilliam A. Kennington III type: string 73b1b4d261SWilliam A. Kennington III description: > 74b1b4d261SWilliam A. Kennington III The curve ID to be used with the key, if needed based on the 75b1b4d261SWilliam A. Kennington III value of the KeyPairAlgorithm parameter. 76b1b4d261SWilliam A. Kennington III 77b1b4d261SWilliam A. Kennington III Refer https://www.openssl.org/docs/man1.0.2/man1/genpkey.html 78b1b4d261SWilliam A. Kennington III - name: KeyPairAlgorithm 79b1b4d261SWilliam A. Kennington III type: string 80b1b4d261SWilliam A. Kennington III description: > 81b1b4d261SWilliam A. Kennington III The type of key pair for use with signing algorithms. 82b1b4d261SWilliam A. Kennington III 83b1b4d261SWilliam A. Kennington III Valid built-in algorithm names for private key generation are 84b1b4d261SWilliam A. Kennington III RSA and EC. 85b1b4d261SWilliam A. Kennington III - name: KeyUsage 86b1b4d261SWilliam A. Kennington III type: array[string] 87b1b4d261SWilliam A. Kennington III description: > 88*a1347418SPatrick Williams Key usage extensions define the purpose of the public key 89*a1347418SPatrick Williams contained in a certificate. 90b1b4d261SWilliam A. Kennington III 91b1b4d261SWilliam A. Kennington III Valid Key usage extensions and its usage description. 92b1b4d261SWilliam A. Kennington III 93b1b4d261SWilliam A. Kennington III ClientAuthentication: The public key is used for TLS WWW client 94b1b4d261SWilliam A. Kennington III authentication. 95*a1347418SPatrick Williams CodeSigning: The public key is used for the signing of 96*a1347418SPatrick Williams executable code. CRLSigning: The public key is used for 97*a1347418SPatrick Williams verifying signatures on 98b1b4d261SWilliam A. Kennington III certificate revocation lists (CLRs). 99*a1347418SPatrick Williams DataEncipherment: The public key is used for directly 100*a1347418SPatrick Williams enciphering 101*a1347418SPatrick Williams raw user data without the use of an 102*a1347418SPatrick Williams intermediate 103b1b4d261SWilliam A. Kennington III symmetric cipher. 104b1b4d261SWilliam A. Kennington III DecipherOnly: The public key could be used for deciphering data 105b1b4d261SWilliam A. Kennington III while performing key agreement. 106b1b4d261SWilliam A. Kennington III DigitalSignature: The public key is used for verifying digital 107*a1347418SPatrick Williams signatures, other than signatures on 108*a1347418SPatrick Williams certificates 109b1b4d261SWilliam A. Kennington III and CRLs. 110b1b4d261SWilliam A. Kennington III EmailProtection: The public key is used for email protection. 111b1b4d261SWilliam A. Kennington III EncipherOnly: The public key could be used for enciphering data 112b1b4d261SWilliam A. Kennington III while performing key agreement. 113b1b4d261SWilliam A. Kennington III KeyCertSign: The public key is used for verifying signatures on 114b1b4d261SWilliam A. Kennington III public key certificates. 115*a1347418SPatrick Williams KeyEncipherment: The public key is used for enciphering private 116*a1347418SPatrick Williams or 117b1b4d261SWilliam A. Kennington III secret keys. 118*a1347418SPatrick Williams NonRepudiation: The public key is used to verify digital 119*a1347418SPatrick Williams signatures, 120b1b4d261SWilliam A. Kennington III other than signatures on certificates and CRLs, 121*a1347418SPatrick Williams and used to provide a non- repudiation service 122*a1347418SPatrick Williams that 123*a1347418SPatrick Williams protects against the signing entity falsely 124*a1347418SPatrick Williams denying 125b1b4d261SWilliam A. Kennington III some action. 126b1b4d261SWilliam A. Kennington III OCSPSigning: The public key is used for signing OCSP responses. 127b1b4d261SWilliam A. Kennington III ServerAuthentication: The public key is used for TLS WWW server 128b1b4d261SWilliam A. Kennington III authentication. 129b1b4d261SWilliam A. Kennington III Timestamping: The public key is used for binding the hash of an 130b1b4d261SWilliam A. Kennington III object to a time. 131b1b4d261SWilliam A. Kennington III - name: Organization 132b1b4d261SWilliam A. Kennington III type: string 133b1b4d261SWilliam A. Kennington III description: > 134*a1347418SPatrick Williams The legal name of the organization. This should not be 135*a1347418SPatrick Williams abbreviated and should include suffixes such as Inc, Corp, or 136*a1347418SPatrick Williams LLC. For example, IBM Corp. This is a required parameter. 137b1b4d261SWilliam A. Kennington III - name: OrganizationalUnit 138b1b4d261SWilliam A. Kennington III type: string 139b1b4d261SWilliam A. Kennington III description: > 140b1b4d261SWilliam A. Kennington III The name of the unit or division of the organization making the 141*a1347418SPatrick Williams request. This is a required parameter. 142b1b4d261SWilliam A. Kennington III - name: State 143b1b4d261SWilliam A. Kennington III type: string 144b1b4d261SWilliam A. Kennington III description: > 145*a1347418SPatrick Williams The state or province where the organization is located. This 146*a1347418SPatrick Williams should not be abbreviated. For example, Texas. This is a 147*a1347418SPatrick Williams required parameter. 148b1b4d261SWilliam A. Kennington III - name: Surname 149b1b4d261SWilliam A. Kennington III type: string 150b1b4d261SWilliam A. Kennington III description: > 151b1b4d261SWilliam A. Kennington III The surname of the user making the request. 152b1b4d261SWilliam A. Kennington III - name: UnstructuredName 153b1b4d261SWilliam A. Kennington III type: string 154b1b4d261SWilliam A. Kennington III description: > 155b1b4d261SWilliam A. Kennington III The unstructured name of the subject. 156b1b4d261SWilliam A. Kennington III returns: 157b1b4d261SWilliam A. Kennington III - name: path 158b1b4d261SWilliam A. Kennington III type: string 159b1b4d261SWilliam A. Kennington III description: > 160b1b4d261SWilliam A. Kennington III The object path of the D-Bus object to be watch for retrieving 161b1b4d261SWilliam A. Kennington III the CSR string. 162b1b4d261SWilliam A. Kennington III errors: 163b1b4d261SWilliam A. Kennington III - xyz.openbmc_project.Common.Error.InternalFailure 164