NET API
HSM Dinamo
Loading...
Looking for...
No entries found
Data Structures | Functions
Users

Detailed description

HSM user management.

See the HSM technical documentation.

Data Structures

struct  DinamoClient.UserTrustInfo
 

Functions

void ChangePasswordUser (string szPassword)
 
void ChangeUserPassword (string szPassword)
 Changes the current user's password.
 
void AssignEventToken (string szUserId, byte[] byKey)
 It associates a standard event OTP token OATH with a user. After this call, the user will only authenticate with username, password and OTP.
 
void AssignTimeToken (string szUserId, byte[] byKey, UInt64 iInitialTime, Int16 iStep)
 It associates a standard time OTP token OATH with a user. After this call, the user will only authenticate with username, password and OTP.
 
void UnassignToken (string szUserId)
 Disassociates OTP authentication from a user. After this call, the user will only authenticate with username and password.
 
void OATHResync (string szUser, string szOTP1, string szOTP2)
 Re-synchronizes an event token, standard OATH, associated with an HSM user. It receives two consecutive OTPs, generated by the token, to synchronize the state of the token in the HSM user.
 
int GetUserAuthMask (string szUserName)
 Retrieves the user's authorization mask.
 
UserTrustInfo[] ListUserTrusts (string user, byte bType)
 Recover the user's relationships of trust.
 
string[] ListUsers ()
 Lists HSM users.
 
void BlockUser (string szUserName, bool bBlock)
 Blocks or unblocks a user.
 
void SetUserAuthMask (string szUserName, int iACL)
 Defines a user's authorization mask.
 
int GetUserInvalidLoginAttempts (string szUserName)
 Recovers the number of invalid login attempts since the last successful authentication.
 
bool IsUserBlocked (string szUserName)
 Checks if a user is blocked.
 
void CreateUser (string UserId, string Password)
 Creates an ordinary user, without system permissions.
 
void RemoveUser (string UserId)
 Remove a user.
 

Functions

ChangePasswordUser()

void ChangePasswordUser ( string szPassword)
inline
Obsolete
API discontinued. Please use ChangeUserPassword.

ChangeUserPassword()

void ChangeUserPassword ( string szPassword)
inline

Changes the current user's password.

Parameters
szPasswordNew password.
Exceptions
DinamoExceptionThrows exception in case of error.

AssignEventToken()

void AssignEventToken ( string szUserId,
byte[] byKey )
inline

It associates a standard event OTP token OATH with a user. After this call, the user will only authenticate with username, password and OTP.

Parameters
szUserIdUser name.
byKeyKey(seed) used to define the standard OTP OATH.
Exceptions
DinamoExceptionThrows exception in case of error.

AssignTimeToken()

void AssignTimeToken ( string szUserId,
byte[] byKey,
UInt64 iInitialTime,
Int16 iStep )
inline

It associates a standard time OTP token OATH with a user. After this call, the user will only authenticate with username, password and OTP.

Parameters
szUserIdUser name.
byKeyKey(seed) used to define the standard OTP OATH.
iInitialTimeT0 used by the token. Defined in seconds.
Value Meaning
DinamoApi.OATH_SA_v2_default_T0_Epoch Use HSM's default value.
Parameters
iStepTime step value in seconds. In addition to setting the time step in seconds for TOTP blobs, the following values are also supported.
Value Meaning
DinamoApi.OATH_SA_v2_default_TIME_STEP Use the default HSM time step value, currently 30 secs.
Exceptions
DinamoExceptionThrows exception in case of error.
Notes
As of firmware version 4.0.2, the size of the authentication look-ahead window is set to the default of 10 intervals more or less. In the case of HOTP tokens, the intervals will be counted by the number of events, while in the case of TOTP tokens, they will be counted by the number of time-steps.

UnassignToken()

void UnassignToken ( string szUserId)
inline

Disassociates OTP authentication from a user. After this call, the user will only authenticate with username and password.

Parameters
szUserIdUser name.
Exceptions
DinamoExceptionThrows exception in case of error.

OATHResync()

void OATHResync ( string szUser,
string szOTP1,
string szOTP2 )
inline

Re-synchronizes an event token, standard OATH, associated with an HSM user. It receives two consecutive OTPs, generated by the token, to synchronize the state of the token in the HSM user.

Parameters
szUserUser name.
szOTP1First OTP, for synchronization, generated by the token.
szOTP2Second OTP, for synchronization, generated by the token.
Exceptions
DinamoExceptionThrows exception in case of error.

GetUserAuthMask()

int GetUserAuthMask ( string szUserName)
inline

Retrieves the user's authorization mask.

Parameters
szUserNameUser name.
Return
User authorization mask.
Exceptions
DinamoExceptionThrows exception in case of error.

ListUserTrusts()

UserTrustInfo[] ListUserTrusts ( string user,
byte bType )
inline

Recover the user's relationships of trust.

Parameters
userUser name.
bTypeOperation type: DinamoApi.OP_LST_USR_TRUSTERS to list the users who trust the specified user. DinamoApi.OP_LST_USR_TRUSTEES to list the users that the current user trusts.
Return
User authorization mask.
Exceptions
DinamoExceptionThrows exception in case of error.

ListUsers()

string[] ListUsers ( )
inline

Lists HSM users.

Return
String array containing user names.
Exceptions
DinamoExceptionThrows exception in case of error.

BlockUser()

void BlockUser ( string szUserName,
bool bBlock )
inline

Blocks or unblocks a user.

Parameters
szUserNameUser name.
bBlocktrue to block and false to unblock.
Exceptions
DinamoExceptionThrows exception in case of error.

SetUserAuthMask()

void SetUserAuthMask ( string szUserName,
int iACL )
inline

Defines a user's authorization mask.

Parameters
szUserNameUser name.
iACLThe user's authorization mask must be assembled by concatenating the values below:
Value Meaning
DinamoApi.ACL_NOP User with ordinary authorizations only.
DinamoApi.ACL_OBJ_CREATE Permission to create objects. Read permission(DinamoApi.ACL_OBJ_READ) is assigned implicitly.
DinamoApi.ACL_OBJ_DEL Permission to remove objects. Read permission(DinamoApi.ACL_OBJ_READ) is assigned implicitly.
DinamoApi.ACL_OBJ_READ Permission to read the contents of objects.
DinamoApi.ACL_OBJ_UPDATE
DinamoApi.ACL_OBJ_WRITE 		Permission to update object attributes.
DinamoApi.ACL_OBJ_UPDATE = DinamoApi.ACL_OBJ_WRITE
DinamoApi.ACL_USR_CREATE
DinamoApi.ACL_USR_DELETE 		Permission to create and remove users.
DinamoApi.ACL_USR_CREATE = DinamoApi.ACL_USR_DELETE
DinamoApi.ACL_USR_REMOTE_INFO Permission to receive remote log notifications.
DinamoApi.ACL_USR_LIST Permission to list users.
DinamoApi.ACL_SYS_OPERATOR Permission to operate as the user 'master'.
DinamoApi.ACL_SYS_BACKUP
DinamoApi.ACL_SYS_RESTORE 		Permission to create and restore backup copies of HSM data.
DinamoApi.ACL_SYS_BACKUP = DinamoApi.ACL_SYS_RESTORE
DinamoApi.ACL_SYS_UDATE_HSM Permission to update the firmware.
Exceptions
DinamoExceptionThrows exception in case of error.

GetUserInvalidLoginAttempts()

int GetUserInvalidLoginAttempts ( string szUserName)
inline

Recovers the number of invalid login attempts since the last successful authentication.

Parameters
szUserNameUser name.
Return
Number of invalid login attempts.
Exceptions
DinamoExceptionThrows exception in case of error.

IsUserBlocked()

bool IsUserBlocked ( string szUserName)
inline

Checks if a user is blocked.

Parameters
szUserNameUser name.
Return
Lock status.
Exceptions
DinamoExceptionThrows exception in case of error.

CreateUser()

void CreateUser ( string UserId,
string Password )
inline

Creates an ordinary user, without system permissions.

Parameters
UserIdUser name. It must be unique, made up of alphanumeric characters. Uppercase and lowercase characters are case-sensitive. Maximum size of DinamoApi.MAX_USR_LEN
PasswordUser password. Uppercase and lowercase characters are case-sensitive. Maximum size of DinamoApi.MAX_USR_PWD
Exceptions
DinamoExceptionThrows exception in case of error.

RemoveUser()

void RemoveUser ( string UserId)
inline

Remove a user.

Parameters
UserIdUser name.
Exceptions
DinamoExceptionThrows exception in case of error.
Generated by Doxygen / Doxygen Awesome