Generate AES or 3DES key
This article describes the syntax for how to generate an AES or 3DES key. The hwsetup command line tool, included in Nexus Certificate Manager (CM), is used.
Syntax
Syntax: Generate AES or 3DES key
hwsetup -libname <pkcs11lib> [-slot <slot#>] [-id <CKA_ID>] [-label <CKA_LABEL>] [-login user|so] [-pin <PIN>] [-nopinpad] -genkey <key type> [-force]
Options and arguments
For a description of the options libname
, slot
, pin
, nopinpad
, id
, noid
, label
, login,
extractable
and force
and their arguments, see Generate DSA/EC/RSA key pair.
Options and Arguments | Description |
---|---|
genkey <key type> | Use this option to generate a symmetric key. Replace Default: DES3 |
Examples
To generate an AES 128-bit key:
Example: Generate AES 128-bit key
hwsetup -libname crypto -slot 1 -pin abcd -genkey AES -label "An AES-128 key"
To generate a 3DES key:
Example: Generate 3DES key
hwsetup -libname crypto -slot 1 -pin abcd -genkey DES3 -label "A 3DES key"