This topic explains the process of using the findKey command to locate keys within HSM.
Feature description
The findKey command locates keys in HSM based on key property values.
findKey is tailored to the current user, returning only the keys they own or have been shared with them.
Ensure you have initiated key_mgmt_tool and logged on to HSM as a CU before executing this command.
Syntax
Enter parameters as per the following syntax. For details on each parameter, refer to Parameters.
findKey [-c <key class>]
[-t <key type>]
[-l <key label>]
[-id <key ID>]
[-sess (0 | 1)]
[-u <user-ids>]
[-m <modulus>]
[-kcv <key_check_value>] Parameters must be entered in the sequence outlined in the syntax.
Example
Below is an example of how to find all keys.
Command: findKey
Total number of keys present: 4
Number of matching keys from start index 0::3
Handles of matching keys:
6, 7, 8, 9
Cluster Status:
Node id 0 status: 0x00000000 : HSM Return: SUCCESS
Cfm3FindKey returned: 0x00 : HSM Return: SUCCESSParameters
Parameter Name | Description | Required | Valid Values |
-t | Determines the key type. | Optional |
|
-c | Defines the key category. | Optional |
|
-l | Identifies the key label. | Optional | No specific requirements |
-id | Specifies the key ID. | Optional | No specific requirements |
-sess | Determines the key's persistence type. | Optional |
|
-u | Indicates the ID of the key owner or user with shared access. Use commas to separate multiple IDs. | Optional | No specific requirements |
-m | Specifies the path to the hex number file for the RSA modulus, aiding in the identification of RSA-created keys. | Optional | No specific requirements |
-kcv | Defines the key's KCV value. For additional information on KCV, see Key Check Value. | Optional | No specific requirements |