Versions Compared

Old Version 2

changes.mady.by.user Ann Base (Deactivated)

Saved on

compared with

New Version 3

changes.mady.by.user Karolin Hemmingsson (Unlicensed)

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Reverted from v. 1

This article describes the syntax for how to generate an AES or 3DES key. The hwsetup command line tool, included in Nexus Certificate Manager (CM), is used.

Syntax

Command

Code Block
languagetext
titleSyntaxCommand: Generate AES or 3DES key
hwsetup -libname <pkcs11lib> [-slot <slot#>] [-id <CKA_ID>] [-label <CKA_LABEL>] [-login user|so] [-pin <PIN>] [-nopinpad] -genkey <key type> [-force]

Options and arguments

For a description of the options libnameslotpin, nopinpadid, noidlabellogin, extractable and force and their arguments, see Generate DSA/EC/RSA key pair.

Options and ArgumentsDescriptiongenkey <key type>

Use this option to generate a symmetric key. Replace <key type> with the desired key type. Key types AES (128), AES-128, AES-192, AES-256 or DES3 are supported in this version.

Default: DES3
Examples
To generate an AES 128-bit key:
 Code Block
languagetext
titleExample: Generate AES 128-bit key
hwsetup -libname crypto -slot 1 -pin abcd -genkey AES -label "An AES-128 key"
To generate a 3DES key:
 Code Block
languagetext
titleExample: Generate 3DES key
hwsetup -libname crypto -slot 1 -pin abcd -genkey DES3 -label "A 3DES key"
This article is valid from CM 8.0
Related information
  • Nexus Certificate Manager
    • Initializing Hardware Security Module
    Options and arguments
    For a description of the options libnameslotpinidlabellogin, nopinpad, and force and their arguments, see Generate DSA/EC/RSA key pair.
    Options and ArgumentsDescription
    genkey <key type> 
    Use this option to generate a symmetric key. Replace <key type> with the desired key type. Key types AES (128), AES-128, AES-192, AES-256 or DES3 are supported in this version.
    Default: DES3