management.models.securityΒΆ
Security Configuration Model.
Module ContentsΒΆ
- class management.models.security.SecurityConfig(*args, **kwargs)[source]ΒΆ
Bases:
django.db.models.ModelSecurity Configuration model.
Stores the active security level together with all security thresholds for that level:
rsa_minimum_key_sizeβ minimum acceptable RSA key size in bits (0= any RSA key size allowed,None= RSA not allowed).not_permitted_ecc_curve_oidsβ JSON list oftrustpoint_core.oid.NamedCurveOID strings that are not permitted at the current level.not_permitted_signature_algorithm_oidsβ JSON list oftrustpoint_core.oid.HashAlgorithmOID strings that are not permitted.max_cert_validity_daysβ maximum certificate validity in days (None= no limit).max_crl_validity_daysβ maximum CRL validity in days (None= no limit).allow_ca_issuanceβ whether BasicConstraints ca=True is permitted in issued certs.allow_auto_gen_pkiβ whether auto-generated PKI may be enabled.allow_self_signed_caβ whether self-signed CAs with credentials are allowed.require_physical_hsmβ whether key storage must be a physical HSM.permitted_no_onboarding_pki_protocolsβ JSON list of allowedonboarding.models.NoOnboardingPkiProtocolinteger values.permitted_onboarding_protocolsβ JSON list of allowedonboarding.models.OnboardingProtocolinteger values.
Calling
apply_security_settings()applies the mode defaults onto this instance.- class SecurityModeChoices(*args, **kwds)[source]ΒΆ
Bases:
django.db.models.TextChoicesTypes of security modes.
- class NamedCurveChoices(*args, **kwds)[source]ΒΆ
Bases:
django.db.models.TextChoicesSelectable ECC curve OIDs sourced from
trustpoint_core.oid.NamedCurve.
- class HashAlgorithmChoices(*args, **kwds)[source]ΒΆ
Bases:
django.db.models.TextChoicesSelectable hash/signature algorithm OIDs from
trustpoint_core.oid.HashAlgorithm.
- apply_security_settings()[source]ΒΆ
Reset all thresholds to the defaults for the current security mode.
- Return type:
None