Nexus Documentation

Space shortcuts

Page tree

Nexus information on: Azure Key Leakage - Storm-0558
Nexus awareness advisory on Microsoft’s update KB5014754

Visit Nexus to get an overview of Nexus' solutions, read customer cases, access the latest news, and more.

This article describes the syntax for how to generate an AES or 3DES key. The hwsetup command line tool, included in Nexus Certificate Manager (CM), is used.

Syntax

Syntax: Generate AES or 3DES key
hwsetup -libname <pkcs11lib> [-slot <slot#>] [-id <CKA_ID>] [-label <CKA_LABEL>] [-login user|so] [-pin <PIN>] [-nopinpad] -genkey <key type> [-force]

Options and arguments

For a description of the options libnameslotpin, nopinpadid, noidlabellogin, extractable and force and their arguments, see Generate DSA/EC/RSA key pair.

Options and ArgumentsDescription
genkey <key type>

Use this option to generate a symmetric key. Replace <key type> with the desired key type. Key types AES (128), AES-128, AES-192, AES-256 or DES3 are supported in this version.

Default: DES3

Examples

To generate an AES 128-bit key:

Example: Generate AES 128-bit key
hwsetup -libname crypto -slot 1 -pin abcd -genkey AES -label "An AES-128 key"

To generate a 3DES key:

Example: Generate 3DES key
hwsetup -libname crypto -slot 1 -pin abcd -genkey DES3 -label "A 3DES key"

This article is valid from CM 8.0

Related information

© 2023 Technology Nexus Secured Business Solutions AB. All rights reserved.
Contact Nexus | https://www.nexusgroup.com | Disclaimer | Terms & Conditions