Key Management Service: findAllKeys

Last Updated: Nov 11, 2024

This topic explains how to use the findAllKeys command to retrieve the keys that a cryptographic user (CU) owns or shares on an HSM.

Feature description

  • The findAllKeys command retrieves both exclusive and shared keys associated with a specified cryptographic user (CU). In the output, exclusive keys are marked with (o) and shared keys with (s).

  • findAllKeys returns only the public keys owned by the current CU, whereas findKey in key_mgmt_tool retrieves all public keys, including those not owned by the current CU.

  • Only administrators (CO) and device users (AU) have permission to execute this command.

Important

Before you run this command, start hsm_mgmt_tool and log on to the HSM as a user type that is authorized to use it.

User types

The following user types are authorized to run this command. For detailed user descriptions, see HSM user permissions table.

  • Administrator (CO)

  • Audit user (AU)

Note

Cryptographic users (CU) are not permitted to run findAllKeys. However, a CU can find the keys owned or shared by a specific cryptographic user (CU) with the following commands:

  • Use listUsers to identify all users.

  • Use findKey in hsm_mgmt_tool to locate usable keys.

  • Use getKeyInfo in hsm_mgmt_tool to determine the owner and shared users of particular keys.

Syntax

Enter the command using the syntax below. For a description of the parameters, see Parameters.

findAllKeys <user id> <key hash (0/1)> [<output file>]

Important

Parameters must be entered in the order specified by the syntax.

Example

The following example finds the exclusive and shared keys owned by user 3 on the HSM, with the key hash values hidden.

cloudmgmt>findAllKeys 3 0
Keys on server 0(172.16.0.2):
Number of keys found 1
number of keys matched from start index 0::1
6(o)
findAllKeys success on server 0(172.16.0.2)
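
For a periodic key inventory, console output in the format shown above can be parsed into exclusive (o) and shared (s) handles per server and cross-checked against the reported count. The following is an added example, not part of the original documentation; the comma-separated handle list, the second server block, and the expectation that every server lists the same handles are assumptions.

```python
import re

# Constructed sample in the format of the page's example output. The second
# server block and the comma-separated handle list are assumptions.
SAMPLE = """\
cloudmgmt>findAllKeys 3 0
Keys on server 0(172.16.0.2):
Number of keys found 3
number of keys matched from start index 0::3
6(o),7(o),11(s)
findAllKeys success on server 0(172.16.0.2)
Keys on server 1(172.16.0.3):
Number of keys found 2
number of keys matched from start index 0::2
6(o),7(o)
findAllKeys success on server 1(172.16.0.3)
"""

SERVER_RE = re.compile(r"Keys on server \d+\(([^)]+)\):")
COUNT_RE = re.compile(r"Number of keys found (\d+)")
HANDLE_LINE_RE = re.compile(r"(?:\d+\([os]\)[,\s]*)+")  # a line made only of handles
HANDLE_RE = re.compile(r"(\d+)\(([os])\)")  # (o) = exclusive, (s) = shared


def parse_find_all_keys(text):
    """Return {server_address: {"reported": int, "o": set, "s": set}}."""
    servers, cur = {}, None
    for line in map(str.strip, text.splitlines()):
        if m := SERVER_RE.fullmatch(line):
            cur = servers.setdefault(m.group(1), {"reported": 0, "o": set(), "s": set()})
        elif cur is not None and (m := COUNT_RE.fullmatch(line)):
            cur["reported"] = int(m.group(1))
        elif cur is not None and HANDLE_LINE_RE.fullmatch(line):
            for handle, marker in HANDLE_RE.findall(line):
                cur[marker].add(int(handle))
    return servers


def audit(servers):
    """List findings: count mismatches and handles missing from some server."""
    findings = []
    for addr, s in servers.items():
        parsed = len(s["o"] | s["s"])
        if parsed != s["reported"]:
            findings.append(f"{addr}: reported {s['reported']} keys, parsed {parsed}")
    everywhere = set.union(*(s["o"] | s["s"] for s in servers.values())) if servers else set()
    for addr, s in servers.items():
        for handle in sorted(everywhere - (s["o"] | s["s"])):
            findings.append(f"{addr}: handle {handle} missing")
    return findings
```

Calling audit(parse_find_all_keys(SAMPLE)) returns one finding for the constructed sample, because handle 11 appears on only one of the two servers.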

Parameters

| Parameter name | Description | Required | Valid values |
|---|---|---|---|
| <user id> | The user ID for finding keys. | Yes | No special requirements |
| <key hash (0/1)> | Whether to hide the key hash value. | Yes | 0: Hide; 1: Show |
| [<output file>] | The file name for saving output data. | Optional | No special requirements |