Breadcrumbs

CLI: Generating and Wrapping Your Key


  1. Use the following command to generate an AES key:

›_ Console 

> p11tool2 Slot=<slot_ID> LoginUser=ask KeyAttr=CKA_LABEL=<key_label>,CKA_ID=
<key_ID>,CKA_EXTRACTABLE=CK_TRUE GenerateKey=AES
tmpu4uz7fn9.jpg

Creating key with p11tool2

  1. Navigate to the folder where you have the byoktool saved. Execute the following command to wrap the key by using the key, downloaded from GCP:

›_ Console 

> byoktool Dev=<IP_of_UTIMACO_HSM> LogonPass=USR_0000,<user_password> Label="
<key_label>" CSP=gcp PublicKey=<Wrapping_Key_File>"
WrappedKey="<Wrapped_Key_OutputFile>"
tmpz_na3dwb.jpg

Wrapping key with byoktool