[openstack-dev] Barbican : Usage of mode attribute in storing and order the secret

Asha Seshagiri asha.seshagiri at gmail.com
Mon Mar 30 18:41:37 UTC 2015


Thanks a lot  Douglas for your response. It helped me .
What are the possible values of algorithm attribute? Is AES only supported
algorithm type for  Barbican or does it support any other algorithm type?

Thanks and Regards,
Asha Seshagiri

On Mon, Mar 30, 2015 at 1:04 PM, Douglas Mendizabal <
douglas.mendizabal at rackspace.com> wrote:

>  Hi Asha,
>
>  Barbican Orders of type “key” are intended to generate keys suitable for
> encryption.  The metadata associated with the key order defines the
> encryption scheme in which the key will be used.  In the example you
> provided, the order is requesting a key that is suitable for use in a block
> cipher.  Specifically you’re requesting a key that will be used with the
> “AES” block cipher, so the “mode" describes the mode of operation to be
> used, which in this case is Cipher Block Chaining or “CBC”.
>
>  Acceptable values for “mode” are dependent on the value of the
> “algorithm” attribute.  When requesting orders for keys to be used in AES
> encryption, the values for “mode” correspond to the other possible modes of
> operation for AES, such as “ECB”, “CTR”, etc.
>
>  -Doug
>
> --------------------
> Douglas Mendizábal
> IRC: redrobot
> PGP Key: 245C 7B6F 70E9 D8F3 F5D5  0CC9 AD14 1F30 2D58 923C
>
>  On Mar 30, 2015, at 12:46 PM, Asha Seshagiri <asha.seshagiri at gmail.com>
> wrote:
>
>  Any help would be appreciated ?
> Thanks in advance !
>
>  Thanks and Regards,
> Asha Seshagiri
>
> On Mon, Mar 30, 2015 at 12:45 PM, Asha Seshagiri <asha.seshagiri at gmail.com
> > wrote:
>
>> Hi All ,
>>
>>  What is the use of the mode attribute ? what does the value of this
>> attribute signify and what are the possible values of this attribute?
>> For ex :Consider the order request to create the secret :
>>
>>  POST v1/orders
>>
>> Header: content-type=application/json
>>         X-Project-Id: {project_id}
>> {
>>   "type": "key",
>>   "meta": {
>>     "name": "secretname",
>>     "algorithm": "AES",
>>     "bit_length": 256,
>>     "mode": "cbc",
>>     "payload_content_type": "application/octet-stream"
>>   }
>> }
>>
>>
>>  What does the mode  value "cbc " indicate ?
>> --
>>  *Thanks and Regards,*
>> *Asha Seshagiri*
>>
>
>
>
>  --
>  *Thanks and Regards,*
> *Asha Seshagiri*
>
>
>


-- 
*Thanks and Regards,*
*Asha Seshagiri*
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack-dev/attachments/20150330/179e1170/attachment.html>


More information about the OpenStack-dev mailing list