1*f2a8e57eSGunnar Mills{
2*f2a8e57eSGunnar Mills    "$id": "http://redfish.dmtf.org/schemas/v1/KeyPolicy.v1_0_1.json",
3*f2a8e57eSGunnar Mills    "$ref": "#/definitions/KeyPolicy",
4*f2a8e57eSGunnar Mills    "$schema": "http://redfish.dmtf.org/schemas/v1/redfish-schema-v1.json",
5*f2a8e57eSGunnar Mills    "copyright": "Copyright 2014-2024 DMTF. For the full DMTF copyright policy, see http://www.dmtf.org/about/policies/copyright",
6*f2a8e57eSGunnar Mills    "definitions": {
7*f2a8e57eSGunnar Mills        "Actions": {
8*f2a8e57eSGunnar Mills            "additionalProperties": false,
9*f2a8e57eSGunnar Mills            "description": "The available actions for this resource.",
10*f2a8e57eSGunnar Mills            "longDescription": "This type shall contain the available actions for this resource.",
11*f2a8e57eSGunnar Mills            "patternProperties": {
12*f2a8e57eSGunnar Mills                "^([a-zA-Z_][a-zA-Z0-9_]*)?@(odata|Redfish|Message)\\.[a-zA-Z_][a-zA-Z0-9_]*$": {
13*f2a8e57eSGunnar Mills                    "description": "This property shall specify a valid odata or Redfish property.",
14*f2a8e57eSGunnar Mills                    "type": [
15*f2a8e57eSGunnar Mills                        "array",
16*f2a8e57eSGunnar Mills                        "boolean",
17*f2a8e57eSGunnar Mills                        "integer",
18*f2a8e57eSGunnar Mills                        "number",
19*f2a8e57eSGunnar Mills                        "null",
20*f2a8e57eSGunnar Mills                        "object",
21*f2a8e57eSGunnar Mills                        "string"
22*f2a8e57eSGunnar Mills                    ]
23*f2a8e57eSGunnar Mills                }
24*f2a8e57eSGunnar Mills            },
25*f2a8e57eSGunnar Mills            "properties": {
26*f2a8e57eSGunnar Mills                "Oem": {
27*f2a8e57eSGunnar Mills                    "$ref": "#/definitions/OemActions",
28*f2a8e57eSGunnar Mills                    "description": "The available OEM-specific actions for this resource.",
29*f2a8e57eSGunnar Mills                    "longDescription": "This property shall contain the available OEM-specific actions for this resource."
30*f2a8e57eSGunnar Mills                }
31*f2a8e57eSGunnar Mills            },
32*f2a8e57eSGunnar Mills            "type": "object"
33*f2a8e57eSGunnar Mills        },
34*f2a8e57eSGunnar Mills        "KeyPolicy": {
35*f2a8e57eSGunnar Mills            "additionalProperties": false,
36*f2a8e57eSGunnar Mills            "description": "The `KeyPolicy` schema describes settings for how keys are allowed to be used for accessing devices or services.",
37*f2a8e57eSGunnar Mills            "longDescription": "This resource shall represent a key policy for a Redfish implementation.",
38*f2a8e57eSGunnar Mills            "patternProperties": {
39*f2a8e57eSGunnar Mills                "^([a-zA-Z_][a-zA-Z0-9_]*)?@(odata|Redfish|Message)\\.[a-zA-Z_][a-zA-Z0-9_]*$": {
40*f2a8e57eSGunnar Mills                    "description": "This property shall specify a valid odata or Redfish property.",
41*f2a8e57eSGunnar Mills                    "type": [
42*f2a8e57eSGunnar Mills                        "array",
43*f2a8e57eSGunnar Mills                        "boolean",
44*f2a8e57eSGunnar Mills                        "integer",
45*f2a8e57eSGunnar Mills                        "number",
46*f2a8e57eSGunnar Mills                        "null",
47*f2a8e57eSGunnar Mills                        "object",
48*f2a8e57eSGunnar Mills                        "string"
49*f2a8e57eSGunnar Mills                    ]
50*f2a8e57eSGunnar Mills                }
51*f2a8e57eSGunnar Mills            },
52*f2a8e57eSGunnar Mills            "properties": {
53*f2a8e57eSGunnar Mills                "@odata.context": {
54*f2a8e57eSGunnar Mills                    "$ref": "http://redfish.dmtf.org/schemas/v1/odata-v4.json#/definitions/context"
55*f2a8e57eSGunnar Mills                },
56*f2a8e57eSGunnar Mills                "@odata.etag": {
57*f2a8e57eSGunnar Mills                    "$ref": "http://redfish.dmtf.org/schemas/v1/odata-v4.json#/definitions/etag"
58*f2a8e57eSGunnar Mills                },
59*f2a8e57eSGunnar Mills                "@odata.id": {
60*f2a8e57eSGunnar Mills                    "$ref": "http://redfish.dmtf.org/schemas/v1/odata-v4.json#/definitions/id"
61*f2a8e57eSGunnar Mills                },
62*f2a8e57eSGunnar Mills                "@odata.type": {
63*f2a8e57eSGunnar Mills                    "$ref": "http://redfish.dmtf.org/schemas/v1/odata-v4.json#/definitions/type"
64*f2a8e57eSGunnar Mills                },
65*f2a8e57eSGunnar Mills                "Actions": {
66*f2a8e57eSGunnar Mills                    "$ref": "#/definitions/Actions",
67*f2a8e57eSGunnar Mills                    "description": "The available actions for this resource.",
68*f2a8e57eSGunnar Mills                    "longDescription": "This property shall contain the available actions for this resource."
69*f2a8e57eSGunnar Mills                },
70*f2a8e57eSGunnar Mills                "Description": {
71*f2a8e57eSGunnar Mills                    "anyOf": [
72*f2a8e57eSGunnar Mills                        {
73*f2a8e57eSGunnar Mills                            "$ref": "http://redfish.dmtf.org/schemas/v1/Resource.json#/definitions/Description"
74*f2a8e57eSGunnar Mills                        },
75*f2a8e57eSGunnar Mills                        {
76*f2a8e57eSGunnar Mills                            "type": "null"
77*f2a8e57eSGunnar Mills                        }
78*f2a8e57eSGunnar Mills                    ],
79*f2a8e57eSGunnar Mills                    "readonly": true
80*f2a8e57eSGunnar Mills                },
81*f2a8e57eSGunnar Mills                "Id": {
82*f2a8e57eSGunnar Mills                    "$ref": "http://redfish.dmtf.org/schemas/v1/Resource.json#/definitions/Id",
83*f2a8e57eSGunnar Mills                    "readonly": true
84*f2a8e57eSGunnar Mills                },
85*f2a8e57eSGunnar Mills                "IsDefault": {
86*f2a8e57eSGunnar Mills                    "description": "Indicates if this is the default key policy.",
87*f2a8e57eSGunnar Mills                    "longDescription": "This property shall indicate if this key policy is the policy applied when no other policies are specified.",
88*f2a8e57eSGunnar Mills                    "readonly": false,
89*f2a8e57eSGunnar Mills                    "type": [
90*f2a8e57eSGunnar Mills                        "boolean",
91*f2a8e57eSGunnar Mills                        "null"
92*f2a8e57eSGunnar Mills                    ]
93*f2a8e57eSGunnar Mills                },
94*f2a8e57eSGunnar Mills                "KeyPolicyType": {
95*f2a8e57eSGunnar Mills                    "anyOf": [
96*f2a8e57eSGunnar Mills                        {
97*f2a8e57eSGunnar Mills                            "$ref": "#/definitions/KeyPolicyType"
98*f2a8e57eSGunnar Mills                        },
99*f2a8e57eSGunnar Mills                        {
100*f2a8e57eSGunnar Mills                            "type": "null"
101*f2a8e57eSGunnar Mills                        }
102*f2a8e57eSGunnar Mills                    ],
103*f2a8e57eSGunnar Mills                    "description": "The type of key policy.",
104*f2a8e57eSGunnar Mills                    "longDescription": "This property shall contain the type of key policy.",
105*f2a8e57eSGunnar Mills                    "readonly": true
106*f2a8e57eSGunnar Mills                },
107*f2a8e57eSGunnar Mills                "NVMeoF": {
108*f2a8e57eSGunnar Mills                    "$ref": "#/definitions/NVMeoF",
109*f2a8e57eSGunnar Mills                    "description": "NVMe-oF specific properties.",
110*f2a8e57eSGunnar Mills                    "longDescription": "This property shall contain NVMe-oF specific properties for this key policy.  This property shall be present if `KeyPolicyType` contains the value `NVMeoF`."
111*f2a8e57eSGunnar Mills                },
112*f2a8e57eSGunnar Mills                "Name": {
113*f2a8e57eSGunnar Mills                    "$ref": "http://redfish.dmtf.org/schemas/v1/Resource.json#/definitions/Name",
114*f2a8e57eSGunnar Mills                    "readonly": true
115*f2a8e57eSGunnar Mills                },
116*f2a8e57eSGunnar Mills                "Oem": {
117*f2a8e57eSGunnar Mills                    "$ref": "http://redfish.dmtf.org/schemas/v1/Resource.json#/definitions/Oem",
118*f2a8e57eSGunnar Mills                    "description": "The OEM extension property.",
119*f2a8e57eSGunnar Mills                    "longDescription": "This property shall contain the OEM extensions.  All values for properties that this object contains shall conform to the Redfish Specification-described requirements."
120*f2a8e57eSGunnar Mills                }
121*f2a8e57eSGunnar Mills            },
122*f2a8e57eSGunnar Mills            "required": [
123*f2a8e57eSGunnar Mills                "@odata.id",
124*f2a8e57eSGunnar Mills                "@odata.type",
125*f2a8e57eSGunnar Mills                "Id",
126*f2a8e57eSGunnar Mills                "Name"
127*f2a8e57eSGunnar Mills            ],
128*f2a8e57eSGunnar Mills            "requiredOnCreate": [
129*f2a8e57eSGunnar Mills                "KeyPolicyType"
130*f2a8e57eSGunnar Mills            ],
131*f2a8e57eSGunnar Mills            "type": "object"
132*f2a8e57eSGunnar Mills        },
133*f2a8e57eSGunnar Mills        "KeyPolicyType": {
134*f2a8e57eSGunnar Mills            "enum": [
135*f2a8e57eSGunnar Mills                "NVMeoF"
136*f2a8e57eSGunnar Mills            ],
137*f2a8e57eSGunnar Mills            "enumDescriptions": {
138*f2a8e57eSGunnar Mills                "NVMeoF": "An NVMe-oF key policy."
139*f2a8e57eSGunnar Mills            },
140*f2a8e57eSGunnar Mills            "enumLongDescriptions": {
141*f2a8e57eSGunnar Mills                "NVMeoF": "This value shall indicate the key policy is for an NVMe-oF key."
142*f2a8e57eSGunnar Mills            },
143*f2a8e57eSGunnar Mills            "type": "string"
144*f2a8e57eSGunnar Mills        },
145*f2a8e57eSGunnar Mills        "NVMeoF": {
146*f2a8e57eSGunnar Mills            "additionalProperties": false,
147*f2a8e57eSGunnar Mills            "description": "NVMe-oF specific properties.",
148*f2a8e57eSGunnar Mills            "longDescription": "This type shall contain NVMe-oF specific properties for a key policy.",
149*f2a8e57eSGunnar Mills            "patternProperties": {
150*f2a8e57eSGunnar Mills                "^([a-zA-Z_][a-zA-Z0-9_]*)?@(odata|Redfish|Message)\\.[a-zA-Z_][a-zA-Z0-9_]*$": {
151*f2a8e57eSGunnar Mills                    "description": "This property shall specify a valid odata or Redfish property.",
152*f2a8e57eSGunnar Mills                    "type": [
153*f2a8e57eSGunnar Mills                        "array",
154*f2a8e57eSGunnar Mills                        "boolean",
155*f2a8e57eSGunnar Mills                        "integer",
156*f2a8e57eSGunnar Mills                        "number",
157*f2a8e57eSGunnar Mills                        "null",
158*f2a8e57eSGunnar Mills                        "object",
159*f2a8e57eSGunnar Mills                        "string"
160*f2a8e57eSGunnar Mills                    ]
161*f2a8e57eSGunnar Mills                }
162*f2a8e57eSGunnar Mills            },
163*f2a8e57eSGunnar Mills            "properties": {
164*f2a8e57eSGunnar Mills                "CipherSuiteAllowList": {
165*f2a8e57eSGunnar Mills                    "description": "The cipher suites that this key policy allows.",
166*f2a8e57eSGunnar Mills                    "items": {
167*f2a8e57eSGunnar Mills                        "anyOf": [
168*f2a8e57eSGunnar Mills                            {
169*f2a8e57eSGunnar Mills                                "$ref": "#/definitions/NVMeoFCipherSuiteType"
170*f2a8e57eSGunnar Mills                            },
171*f2a8e57eSGunnar Mills                            {
172*f2a8e57eSGunnar Mills                                "type": "null"
173*f2a8e57eSGunnar Mills                            }
174*f2a8e57eSGunnar Mills                        ]
175*f2a8e57eSGunnar Mills                    },
176*f2a8e57eSGunnar Mills                    "longDescription": "This property shall contain the cipher suites that this key policy allows.  The absence of the property shall indicate any cipher suite is allowed.  An empty list shall indicate no cipher suites are allowed.",
177*f2a8e57eSGunnar Mills                    "readonly": false,
178*f2a8e57eSGunnar Mills                    "type": "array"
179*f2a8e57eSGunnar Mills                },
180*f2a8e57eSGunnar Mills                "DHGroupAllowList": {
181*f2a8e57eSGunnar Mills                    "description": "The Diffie-Hellman (DH) groups that this key policy allows.",
182*f2a8e57eSGunnar Mills                    "items": {
183*f2a8e57eSGunnar Mills                        "anyOf": [
184*f2a8e57eSGunnar Mills                            {
185*f2a8e57eSGunnar Mills                                "$ref": "#/definitions/NVMeoFDHGroupType"
186*f2a8e57eSGunnar Mills                            },
187*f2a8e57eSGunnar Mills                            {
188*f2a8e57eSGunnar Mills                                "type": "null"
189*f2a8e57eSGunnar Mills                            }
190*f2a8e57eSGunnar Mills                        ]
191*f2a8e57eSGunnar Mills                    },
192*f2a8e57eSGunnar Mills                    "longDescription": "This property shall contain the Diffie-Hellman (DH) groups that this key policy allows.  The absence of the property shall indicate any DH group is allowed.  An empty list shall indicate no DH groups are allowed.",
193*f2a8e57eSGunnar Mills                    "readonly": false,
194*f2a8e57eSGunnar Mills                    "type": "array"
195*f2a8e57eSGunnar Mills                },
196*f2a8e57eSGunnar Mills                "OEMSecurityProtocolAllowList": {
197*f2a8e57eSGunnar Mills                    "description": "The OEM security protocols that this key policy allows.",
198*f2a8e57eSGunnar Mills                    "items": {
199*f2a8e57eSGunnar Mills                        "type": [
200*f2a8e57eSGunnar Mills                            "string",
201*f2a8e57eSGunnar Mills                            "null"
202*f2a8e57eSGunnar Mills                        ]
203*f2a8e57eSGunnar Mills                    },
204*f2a8e57eSGunnar Mills                    "longDescription": "This property shall contain the OEM-defined security protocols that this key policy allows.  NVMe-oF channels are restricted to OEM-defined security protocols in this list.  An empty list shall indicate no security protocols are allowed.  This property shall be present if `SecurityProtocolAllowList` contains `OEM`.",
205*f2a8e57eSGunnar Mills                    "readonly": false,
206*f2a8e57eSGunnar Mills                    "type": "array"
207*f2a8e57eSGunnar Mills                },
208*f2a8e57eSGunnar Mills                "SecureHashAllowList": {
209*f2a8e57eSGunnar Mills                    "description": "The secure hash algorithms that this key policy allows.",
210*f2a8e57eSGunnar Mills                    "items": {
211*f2a8e57eSGunnar Mills                        "anyOf": [
212*f2a8e57eSGunnar Mills                            {
213*f2a8e57eSGunnar Mills                                "$ref": "#/definitions/NVMeoFSecureHashType"
214*f2a8e57eSGunnar Mills                            },
215*f2a8e57eSGunnar Mills                            {
216*f2a8e57eSGunnar Mills                                "type": "null"
217*f2a8e57eSGunnar Mills                            }
218*f2a8e57eSGunnar Mills                        ]
219*f2a8e57eSGunnar Mills                    },
220*f2a8e57eSGunnar Mills                    "longDescription": "This property shall contain the secure hash algorithms that this key policy allows.  The absence of the property shall indicate any secure hash algorithm is allowed.  An empty list shall indicate no secure hash algorithms are allowed.",
221*f2a8e57eSGunnar Mills                    "readonly": false,
222*f2a8e57eSGunnar Mills                    "type": "array"
223*f2a8e57eSGunnar Mills                },
224*f2a8e57eSGunnar Mills                "SecurityProtocolAllowList": {
225*f2a8e57eSGunnar Mills                    "description": "The security protocols that this key policy allows.",
226*f2a8e57eSGunnar Mills                    "items": {
227*f2a8e57eSGunnar Mills                        "anyOf": [
228*f2a8e57eSGunnar Mills                            {
229*f2a8e57eSGunnar Mills                                "$ref": "#/definitions/NVMeoFSecurityProtocolType"
230*f2a8e57eSGunnar Mills                            },
231*f2a8e57eSGunnar Mills                            {
232*f2a8e57eSGunnar Mills                                "type": "null"
233*f2a8e57eSGunnar Mills                            }
234*f2a8e57eSGunnar Mills                        ]
235*f2a8e57eSGunnar Mills                    },
236*f2a8e57eSGunnar Mills                    "longDescription": "This property shall contain the security protocols that this key policy allows.  NVMe-oF channels are restricted to security protocols in this list.  The absence of the property shall indicate any security protocol is allowed.  An empty list shall indicate no security protocols are allowed.",
237*f2a8e57eSGunnar Mills                    "readonly": false,
238*f2a8e57eSGunnar Mills                    "type": "array"
239*f2a8e57eSGunnar Mills                },
240*f2a8e57eSGunnar Mills                "SecurityTransportAllowList": {
241*f2a8e57eSGunnar Mills                    "description": "The security transports that this key policy allows.",
242*f2a8e57eSGunnar Mills                    "items": {
243*f2a8e57eSGunnar Mills                        "anyOf": [
244*f2a8e57eSGunnar Mills                            {
245*f2a8e57eSGunnar Mills                                "$ref": "#/definitions/NVMeoFSecurityTransportType"
246*f2a8e57eSGunnar Mills                            },
247*f2a8e57eSGunnar Mills                            {
248*f2a8e57eSGunnar Mills                                "type": "null"
249*f2a8e57eSGunnar Mills                            }
250*f2a8e57eSGunnar Mills                        ]
251*f2a8e57eSGunnar Mills                    },
252*f2a8e57eSGunnar Mills                    "longDescription": "This property shall contain the security transports that this key policy allows.  The absence of the property shall indicate any security transport is allowed.  An empty list shall indicate no security transports are allowed.",
253*f2a8e57eSGunnar Mills                    "readonly": false,
254*f2a8e57eSGunnar Mills                    "type": "array"
255*f2a8e57eSGunnar Mills                }
256*f2a8e57eSGunnar Mills            },
257*f2a8e57eSGunnar Mills            "type": "object"
258*f2a8e57eSGunnar Mills        },
259*f2a8e57eSGunnar Mills        "NVMeoFCipherSuiteType": {
260*f2a8e57eSGunnar Mills            "description": "The NVMe cipher suites that a key is allowed to use.",
261*f2a8e57eSGunnar Mills            "enum": [
262*f2a8e57eSGunnar Mills                "TLS_AES_128_GCM_SHA256",
263*f2a8e57eSGunnar Mills                "TLS_AES_256_GCM_SHA384"
264*f2a8e57eSGunnar Mills            ],
265*f2a8e57eSGunnar Mills            "enumDescriptions": {
266*f2a8e57eSGunnar Mills                "TLS_AES_128_GCM_SHA256": "TLS_AES_128_GCM_SHA256.",
267*f2a8e57eSGunnar Mills                "TLS_AES_256_GCM_SHA384": "TLS_AES_256_GCM_SHA384."
268*f2a8e57eSGunnar Mills            },
269*f2a8e57eSGunnar Mills            "enumLongDescriptions": {
270*f2a8e57eSGunnar Mills                "TLS_AES_128_GCM_SHA256": "This value shall indicate TLS_AES_128_GCM_SHA256 as defined by the 'Mandatory and Recommended Cipher Suites' clause in the NVMe TCP Transport Specification.",
271*f2a8e57eSGunnar Mills                "TLS_AES_256_GCM_SHA384": "This value shall indicate TLS_AES_256_GCM_SHA384 as defined by the 'Mandatory and Recommended Cipher Suites' clause in the NVMe TCP Transport Specification."
272*f2a8e57eSGunnar Mills            },
273*f2a8e57eSGunnar Mills            "longDescription": "This enumeration shall list the NVMe cipher suites that a key is allowed to use.",
274*f2a8e57eSGunnar Mills            "type": "string"
275*f2a8e57eSGunnar Mills        },
276*f2a8e57eSGunnar Mills        "NVMeoFDHGroupType": {
277*f2a8e57eSGunnar Mills            "description": "The NVMe Diffie-Hellman (DH) groups that a key is allowed to use.",
278*f2a8e57eSGunnar Mills            "enum": [
279*f2a8e57eSGunnar Mills                "FFDHE2048",
280*f2a8e57eSGunnar Mills                "FFDHE3072",
281*f2a8e57eSGunnar Mills                "FFDHE4096",
282*f2a8e57eSGunnar Mills                "FFDHE6144",
283*f2a8e57eSGunnar Mills                "FFDHE8192"
284*f2a8e57eSGunnar Mills            ],
285*f2a8e57eSGunnar Mills            "enumDescriptions": {
286*f2a8e57eSGunnar Mills                "FFDHE2048": "2048-bit Diffie-Hellman (DH) group.",
287*f2a8e57eSGunnar Mills                "FFDHE3072": "3072-bit Diffie-Hellman (DH) group.",
288*f2a8e57eSGunnar Mills                "FFDHE4096": "4096-bit Diffie-Hellman (DH) group.",
289*f2a8e57eSGunnar Mills                "FFDHE6144": "6144-bit Diffie-Hellman (DH) group.",
290*f2a8e57eSGunnar Mills                "FFDHE8192": "8192-bit Diffie-Hellman (DH) group."
291*f2a8e57eSGunnar Mills            },
292*f2a8e57eSGunnar Mills            "enumLongDescriptions": {
293*f2a8e57eSGunnar Mills                "FFDHE2048": "This value shall indicate the 2048-bit Diffie-Hellman (DH) group as defined by the 'DH-HMAC-CHAP Diffie-Hellman group identifiers' figure in the NVMe Base Specification.",
294*f2a8e57eSGunnar Mills                "FFDHE3072": "This value shall indicate the 3072-bit Diffie-Hellman (DH) group as defined by the 'DH-HMAC-CHAP Diffie-Hellman group identifiers' figure in the NVMe Base Specification.",
295*f2a8e57eSGunnar Mills                "FFDHE4096": "This value shall indicate the 4096-bit Diffie-Hellman (DH) group as defined by the 'DH-HMAC-CHAP Diffie-Hellman group identifiers' figure in the NVMe Base Specification.",
296*f2a8e57eSGunnar Mills                "FFDHE6144": "This value shall indicate the 6144-bit Diffie-Hellman (DH) group as defined by the 'DH-HMAC-CHAP Diffie-Hellman group identifiers' figure in the NVMe Base Specification.",
297*f2a8e57eSGunnar Mills                "FFDHE8192": "This value shall indicate the 8192-bit Diffie-Hellman (DH) group as defined by the 'DH-HMAC-CHAP Diffie-Hellman group identifiers' figure in the NVMe Base Specification."
298*f2a8e57eSGunnar Mills            },
299*f2a8e57eSGunnar Mills            "longDescription": "This enumeration shall list the Diffie-Hellman (DH) groups that a key is allowed to use.",
300*f2a8e57eSGunnar Mills            "type": "string"
301*f2a8e57eSGunnar Mills        },
302*f2a8e57eSGunnar Mills        "NVMeoFSecureHashType": {
303*f2a8e57eSGunnar Mills            "description": "The NVMe secure hash algorithms that a key is allowed to use.",
304*f2a8e57eSGunnar Mills            "enum": [
305*f2a8e57eSGunnar Mills                "SHA256",
306*f2a8e57eSGunnar Mills                "SHA384",
307*f2a8e57eSGunnar Mills                "SHA512"
308*f2a8e57eSGunnar Mills            ],
309*f2a8e57eSGunnar Mills            "enumDescriptions": {
310*f2a8e57eSGunnar Mills                "SHA256": "SHA-256.",
311*f2a8e57eSGunnar Mills                "SHA384": "SHA-384.",
312*f2a8e57eSGunnar Mills                "SHA512": "SHA-512."
313*f2a8e57eSGunnar Mills            },
314*f2a8e57eSGunnar Mills            "enumLongDescriptions": {
315*f2a8e57eSGunnar Mills                "SHA256": "This value shall indicate the SHA-256 hash function as defined by the 'DH-HMAC-CHAP hash function identifiers' figure in the NVMe Base Specification.",
316*f2a8e57eSGunnar Mills                "SHA384": "This value shall indicate the SHA-384 hash function as defined by the 'DH-HMAC-CHAP hash function identifiers' figure in the NVMe Base Specification.",
317*f2a8e57eSGunnar Mills                "SHA512": "This value shall indicate the SHA-512 hash function as defined by the 'DH-HMAC-CHAP hash function identifiers' figure in the NVMe Base Specification."
318*f2a8e57eSGunnar Mills            },
319*f2a8e57eSGunnar Mills            "longDescription": "This enumeration shall list the NVMe secure hash algorithms that a key is allowed to use.",
320*f2a8e57eSGunnar Mills            "type": "string"
321*f2a8e57eSGunnar Mills        },
322*f2a8e57eSGunnar Mills        "NVMeoFSecurityProtocolType": {
323*f2a8e57eSGunnar Mills            "description": "The NVMe security protocols that a key is allowed to use.",
324*f2a8e57eSGunnar Mills            "enum": [
325*f2a8e57eSGunnar Mills                "DHHC",
326*f2a8e57eSGunnar Mills                "TLS_PSK",
327*f2a8e57eSGunnar Mills                "OEM"
328*f2a8e57eSGunnar Mills            ],
329*f2a8e57eSGunnar Mills            "enumDescriptions": {
330*f2a8e57eSGunnar Mills                "DHHC": "Diffie-Hellman Hashed Message Authentication Code Challenge Handshake Authentication Protocol (DH-HMAC-CHAP).",
331*f2a8e57eSGunnar Mills                "OEM": "OEM.",
332*f2a8e57eSGunnar Mills                "TLS_PSK": "Transport Layer Security Pre-Shared Key (TLS PSK)."
333*f2a8e57eSGunnar Mills            },
334*f2a8e57eSGunnar Mills            "enumLongDescriptions": {
335*f2a8e57eSGunnar Mills                "DHHC": "This value shall indicate the Diffie-Hellman Hashed Message Authentication Code Challenge Handshake Authentication Protocol (DH-HMAC-CHAP) as defined by the NVMe Base Specification.",
336*f2a8e57eSGunnar Mills                "OEM": "This value shall indicate an OEM-defined security protocol.  The `OEMSecurityProtocolAllowList` property shall contain the specific OEM protocol.",
337*f2a8e57eSGunnar Mills                "TLS_PSK": "This value shall indicate Transport Layer Security Pre-Shared Key (TLS PSK) as defined by the NVMe TCP Transport Specification."
338*f2a8e57eSGunnar Mills            },
339*f2a8e57eSGunnar Mills            "longDescription": "This enumeration shall list the NVMe security protocols that a key is allowed to use.",
340*f2a8e57eSGunnar Mills            "type": "string"
341*f2a8e57eSGunnar Mills        },
342*f2a8e57eSGunnar Mills        "NVMeoFSecurityTransportType": {
343*f2a8e57eSGunnar Mills            "description": "The NVMe security transports that a key is allowed to use.",
344*f2a8e57eSGunnar Mills            "enum": [
345*f2a8e57eSGunnar Mills                "TLSv2",
346*f2a8e57eSGunnar Mills                "TLSv3"
347*f2a8e57eSGunnar Mills            ],
348*f2a8e57eSGunnar Mills            "enumDescriptions": {
349*f2a8e57eSGunnar Mills                "TLSv2": "Transport Layer Security (TLS) v2.",
350*f2a8e57eSGunnar Mills                "TLSv3": "Transport Layer Security (TLS) v3."
351*f2a8e57eSGunnar Mills            },
352*f2a8e57eSGunnar Mills            "enumLongDescriptions": {
353*f2a8e57eSGunnar Mills                "TLSv2": "This value shall indicate Transport Layer Security (TLS) v2 as defined by the 'Transport Specific Address Subtype `Definition` for NVMe/TCP Transport' figure in the NVMe TCP Transport Specification.",
354*f2a8e57eSGunnar Mills                "TLSv3": "This value shall indicate Transport Layer Security (TLS) v3 as defined by the 'Transport Specific Address Subtype `Definition` for NVMe/TCP Transport' figure in the NVMe TCP Transport Specification."
355*f2a8e57eSGunnar Mills            },
356*f2a8e57eSGunnar Mills            "longDescription": "This enumeration shall list the NVMe security transports that a key is allowed to use.",
357*f2a8e57eSGunnar Mills            "type": "string"
358*f2a8e57eSGunnar Mills        },
359*f2a8e57eSGunnar Mills        "OemActions": {
360*f2a8e57eSGunnar Mills            "additionalProperties": true,
361*f2a8e57eSGunnar Mills            "description": "The available OEM-specific actions for this resource.",
362*f2a8e57eSGunnar Mills            "longDescription": "This type shall contain the available OEM-specific actions for this resource.",
363*f2a8e57eSGunnar Mills            "patternProperties": {
364*f2a8e57eSGunnar Mills                "^([a-zA-Z_][a-zA-Z0-9_]*)?@(odata|Redfish|Message)\\.[a-zA-Z_][a-zA-Z0-9_]*$": {
365*f2a8e57eSGunnar Mills                    "description": "This property shall specify a valid odata or Redfish property.",
366*f2a8e57eSGunnar Mills                    "type": [
367*f2a8e57eSGunnar Mills                        "array",
368*f2a8e57eSGunnar Mills                        "boolean",
369*f2a8e57eSGunnar Mills                        "integer",
370*f2a8e57eSGunnar Mills                        "number",
371*f2a8e57eSGunnar Mills                        "null",
372*f2a8e57eSGunnar Mills                        "object",
373*f2a8e57eSGunnar Mills                        "string"
374*f2a8e57eSGunnar Mills                    ]
375*f2a8e57eSGunnar Mills                }
376*f2a8e57eSGunnar Mills            },
377*f2a8e57eSGunnar Mills            "properties": {},
378*f2a8e57eSGunnar Mills            "type": "object"
379*f2a8e57eSGunnar Mills        }
380*f2a8e57eSGunnar Mills    },
381*f2a8e57eSGunnar Mills    "language": "en",
382*f2a8e57eSGunnar Mills    "owningEntity": "DMTF",
383*f2a8e57eSGunnar Mills    "release": "2021.2",
384*f2a8e57eSGunnar Mills    "title": "#KeyPolicy.v1_0_1.KeyPolicy"
385*f2a8e57eSGunnar Mills}