...
Info |
---|
This article is valid from CM 8.0. |
This article describes the syntax for how to generate an AES or 3DES key. The hwsetup command line tool, included in Nexus Certificate Manager (CM), is used.
Syntax
Code Block | |||
---|---|---|---|
|
...
| |
hwsetup -libname <pkcs11lib> [-slot <slot#>] [-id <CKA_ID>] [-label <CKA_LABEL>] [-login user|so] [-pin <PIN>] [-nopinpad] -genkey <key type> [-force] |
Options and arguments
For a description of the options libname
, slot
, pin
, nopinpad
, id
, noid
, label
, login,
extractable
and force
and their arguments, see Generate DSA/EC/RSA key pair.
Options and Arguments | Description |
---|---|
genkey <key type> | Use this option to generate a symmetric key. Replace Default: DES3 |
Examples
To generate an AES 128-bit key:
Code Block | ||||
---|---|---|---|---|
| ||||
hwsetup -libname crypto -slot 1 -pin abcd -genkey AES -label "An AES-128 key" |
To generate a 3DES key:
Code Block | ||||
---|---|---|---|---|
| ||||
hwsetup -libname crypto -slot 1 -pin abcd -genkey DES3 -label "A 3DES key" |
...
Options and arguments
For a description of the options libname
, slot
, pin
, id
, label
, login,
and their arguments, see Generate DSA/EC/RSA key pair.nopinpad
, and force
...
Use this option to generate a symmetric key. Replace <key type> with the desired key type. Key types AES (128), AES-128, AES-192, AES-256 or DES3 are supported in this version.
...