Skip to main content

Cryptographic policy

This API is based on the Device Configuration API framework. For guidance on how to use these APIs, please refer to Device Configuration APIs.

The VAPIX® Cryptographic policy management API allows you to configure a cryptographic policy for services in the system. A cryptographic policy contains a definition of what cryptographic algorithms and protocols are allowed to use.

The API exposes a collection of policies you can choose from. You can check details for each available policy. This include selecting one policy in the collection to be the active one, or fetch the currently active policy.

Use cases

Manage the active policy

List all policies

Use the crypto-policy.v1.policies collection to list all available cryptographic policies.

Example:

curl --request GET \
  --anyauth \
  --user "<username>:<password>" \
  --http1.1 \
  --header "Content-Type: application/json" \
  http://my-device/config/rest/crypto-policy/v1/policies
200 OK
Content-Type: application/json

{
    "status": "success",
    "data": [
        {
            "name": "DEFAULT",
            "nice_name": "Default",
            "description": "Default policy from OpenSSL"
        },
        {
            "name": "FIPS",
            "nice_name": "FIPS 140-3",
            "description": "Policy to comply with FIPS 140-3"
        }
    ]
}

Get the active cryptographic policy

Use the crypto-policy.v1.active_policy property to check which cryptographic policy is active.

Example:

curl --request GET \
  --anyauth \
  --user "<username>:<password>" \
  --http1.1 \
  --header "Content-Type: application/json" \
  http://my-device/config/rest/crypto-policy/v1/active_policy
200 OK
Content-Type: application/json

{
    "status": "success",
    "data": "DEFAULT"
}

Set the active cryptographic policy

Use the crypto-policy.v1.active_policy property to change the active cryptographic policy.

Example:

curl --request PATCH \
  --anyauth \
  --user "<username>:<password>" \
  --http1.1 \
  --header "Content-Type: application/json" \
  http://my-device/config/rest/crypto-policy/v1/active_policy \
  --data '{
    "data": "FIPS"
}'
200 OK
Content-Type: application/json

{
    "status": "success"
}

API definition

Structure

crypto-policy.v1 (Root Entity)
    ├── active_policy (Property)
    ├── policies (Entity Collection)
        ├── description (Property)
        ├── name (Property)
        ├── nice_name (Property)

Entities

crypto-policy.v1

  • Description: The cryptographic policy management root object
  • Type: Singleton
  • Operations
    • Get
  • Attributes
    • Dynamic Support: No
Properties
active_policy
  • Description: The cryptographic policy that is active
  • Datatype: name
  • Operations
    • Get (Permissions: admin, operator, viewer)
    • Set (Permissions: admin)
  • Attributes
    • Nullable: No
    • Dynamic Support: No / Dynamic Enum: No / Dynamic Range: No

This represents the cryptographic policy that has been applied. The policy is identified by its name.

Actions

This entity has no actions.

crypto-policy.v1.policies

  • Description: The cryptographic policies
  • Type: Collection (Key Property: name)
  • Operations
    • Get
  • Attributes
    • Dynamic Support: No

This collection contains all cryptographic policies that the user may choose from. A policy is uniquely identified by its name.

Users can also see details about each policy, such as a textual description of the cryptographic policy.

Properties
description
  • Description: The policy description
  • Datatype: pol_description
  • Operations
    • Get (Permissions: admin, operator, viewer)
  • Attributes
    • Nullable: No
    • Dynamic Support: No / Dynamic Enum: No / Dynamic Range: No
name
  • Description: The policy identifier
  • Datatype: name
  • Operations
    • Get (Permissions: admin, operator, viewer)
  • Attributes
    • Nullable: No
    • Dynamic Support: No / Dynamic Enum: No / Dynamic Range: No
nice_name
  • Description: Human friendly name for the policy
  • Datatype: nice_name
  • Operations
    • Get (Permissions: admin, operator, viewer)
  • Attributes
    • Nullable: No
    • Dynamic Support: No / Dynamic Enum: No / Dynamic Range: No
Actions

This entity has no actions.

Data Types

name

  • Description: Identifier for a cryptographic policy
  • Type: string
  • Minimum Length: 1
  • Maximum Length: 32

nice_name

  • Description: A human friendly name for a cryptographic policy
  • Type: string
  • Minimum Length: 1
  • Maximum Length: 128

pol_description

  • Description: The cryptographic policy description
  • Type: string
  • Maximum Length: 1024