3 KMIP Features of the Oracle Key Vault Client SDK

The Oracle Key Vault client SDK and the Oracle Key Vault server communicate using the Key Management Interoperability Protocol (KMIP).

The Oracle Key Vault client SDK simplifies how KMIP is exposed to the endpoint and supports additional functionality that makes it easier for endpoints to communicate with the Oracle Key Vault server.

3.1 KMIP Version

The Oracle Key Vault client SDK supports Version 1.1 of the KMIP specification, limited to those objects and operations required by supported profiles.

It also supports the encrypt, decrypt, sign, and signature verify operations and the EXTRACTABLE attribute, as defined in later versions of the specification.

3.2 KMIP Profile Support

The Oracle Key Vault client SDK supports four KMIP profiles.

The supported profiles are as follows:

  • Basic Asymmetric Key and Certificate Store

  • Basic Symmetric Key Foundry and Server

  • Basic Symmetric Key Store and Server

  • Secret Data

3.3 KMIP Managed Objects

The Oracle Key Vault client SDK supports four KMIP managed objects.

These managed objects are as follows:

  • Opaque object

  • Secret data

  • Symmetric key

  • Template

  • Certificate

  • Public key

  • Private key

3.4 KMIP Operations

The Oracle Key Vault client SDK supports 19 KMIP operations.

These KMIP operations are as follows:

  • Create

  • Register (of keys, certificates, secrets, opaque objects, and templates)

  • Rekey

  • Locate

  • Get (of keys, certificates, secrets, opaque objects, and templates)

  • Get Attribute

  • Get Attribute List

  • Add Attribute

  • Modify Attribute

  • Delete Attribute

  • Activate

  • Revoke

  • Destroy

  • Query

  • Encrypt

  • Decrypt

  • Sign

  • Signature Verify

  • Create Key Pair