netHSM API error code

PhilC · November 20, 2022, 7:45pm

Dear Nitrokey teams,

First, many thanks for your product.
I’m planning to use a Docker Nitrokey HSM image to set up a pratical work in an engineering school.

Unfortunately, when I want to generate a key, I got an error code 415 which is not documented in the nethsm-api.yaml.

Could you help me to identify the error ? Is there an exhaustiv list of error available ? Just to be sure I will be able to support students.

Many thanks in advance for your help.

With my best regards.

Philippe.

markus-nitrokey · November 21, 2022, 10:24am

Dear Philippe,

thanks for your message and the feedback!

I will help you to resolve the problem.
To provide the best help I need a few more information.

You tried to generate a key on POST /keys/generate. Correct?
Did you use the REST API directly or the Nitropy tool?
What kind of key did you try to generate? Maybe you can post the data you sent?

Looking forward to hearing from you!

Best,
Markus

PhilC · November 21, 2022, 12:02pm

Dear Markus,

Thank you very much for your help.

Regarding your questions, the answers are

Correct.
I use the direct REST API with python and requests module.
params = {
“mechanisms”: [
“RSA_Signature_PSS_SHA256”
],
“type”: “RSA”,
“length”: 2048,
“id”: “myRsaSignKey”
}

I rely on the requests module to send back the status code that it receives. Do you think, that I need to monitor the communication ?

Best.

Philippe.

markus-nitrokey · November 21, 2022, 1:58pm

Dear Philippe,

thanks for your quick response!

The parameters you provided for the request body look valid.
We assume the content type of the request might be incorrect,
because HTTP error 415 indicates “Unsupported Media Type”

I prepared a small example for you, using our demo instance.

import requests
from requests.auth import HTTPBasicAuth

url = "https://nethsmdemo.nitrokey.com/api/v1/keys/generate"
headers = {'content-type': 'application/json', }
basic = HTTPBasicAuth('admin', 'adminadmin')
data={
    "mechanisms": [
        "RSA_Signature_PSS_SHA256"
    ],
    "type": "RSA",
    "length": 2048,
    "id": "myRsaSignKey"
}

r = requests.post(url, json=data, headers=headers, auth=basic)

The example sets the content-type to application/json.

Regarding the error codes I will look into improving the documentation.
For testing purposes I can recommend to give the Curl utility a try.
It allows to send HTTP requests from the commandline.
The NetHSM API documentation can provide you the respective command when you click the “Try it out” button under an endpoint.

Please don’t hesitate to reach out if you have further problems or questions!

Best,
Markus