Versions Compared

Old Version 3

changes.mady.by.user Karolin Hemmingsson

Saved on

compared with

New Version Current

changes.mady.by.user Josefin Klang

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Info
This article is valid from CM 8.0.

This article describes the syntax for how to generate an AES or 3DES key. The hwsetup command line tool, included in Nexus Certificate Manager (CM), is used.

Syntax

Code Block
languagetext
title

...

Syntax: Generate AES or 3DES key
hwsetup -libname <pkcs11lib> [-slot <slot#>] [-id <CKA_ID>] [-label <CKA_LABEL>] [-login user|so] [-pin <PIN>] [-nopinpad] -genkey <key type> [-force]

Options and arguments

For a description of the options libnameslotpin, nopinpadid, noidlabellogin, extractable and force and their arguments, see Generate DSA/EC/RSA key pair.

Options and ArgumentsDescription
genkey <key type>

Use this option to generate a symmetric key. Replace <key type> with the desired key type. Key types AES (128), AES-128, AES-192, AES-256 or DES3 are supported in this version.

Default: DES3

Examples

To generate an AES 128-bit key:

Code Block
languagetext
titleExample: Generate AES 128-bit key
hwsetup -libname crypto -slot 1 -pin abcd -genkey AES -label "An AES-128 key"

To generate a 3DES key:

Code Block
languagetext
titleExample: Generate 3DES key
hwsetup -libname crypto -slot 1 -pin abcd -genkey DES3 -label "A 3DES key"

...

Options and arguments

For a description of the options libnameslotpinidlabellogin, nopinpad, and force and their arguments, see Generate DSA/EC/RSA key pair.

...

Use this option to generate a symmetric key. Replace <key type> with the desired key type. Key types AES (128), AES-128, AES-192, AES-256 or DES3 are supported in this version.

...