Fortanix-Data-Security-Manager (DSM) does support the expiry of security objects, including SECRET type. You can set the expiry for a future date or you can expire an object immediately. On expiry/deactivation, the object goes into the "Deactivated" state.
In a deactivated state, a key cannot be used to apply cryptographic protection (for example, encryption, signing, wrapping, MACing, deriving). The key can only be used to process cryptographically protected information (for example: decryption, signature verification, unwrapping, MAC verification).
In a deactivated state, a SECRET value can no longer be fetched. You will not be able to get the value of this object if it is expired/deactivated.
Fortanix Data Security Manager (DSM) is the world’s first cloud service secured with Intel® SGX. With Fortanix DSM, you can securely generate, store, and use cryptographic keys and certificates, as well as other secrets such as passwords, API keys, tokens, or any blob of data. Your business-critical applications and containers can integrate with Fortanix DSM using legacy cryptographic interfaces (PKCS#11, CNG, and JCE) or using the native Fortanix DSM RESTful interface.
Fortanix Data Security Manager (DSM) is the world’s first cloud service secured with Intel® SGX. With Fortanix DSM, you can securely generate, store, and use cryptographic keys and certificates, as well as other secrets such as passwords, API keys, tokens, or any blob of data. Your business-critical applications and containers can integrate with Fortanix DSM using legacy cryptographic interfaces (PKCS#11, CNG, and JCE) or using the native Fortanix DSM RESTful interface.