This topic explains how to use the IsValidKeyHandlefile command to confirm the authenticity of a key file on the HSM.
Feature description
The IsValidKeyHandlefile command is designed to determine if a key file is an authentic RSA private key or a counterfeit PEM file. Counterfeit PEM files do not contain actual private key data but instead reference a private key within the HSM. An example of this is a key file in fake PEM format exported by getCaviumPrivKey.
Ensure you have initiated the key_mgmt_tool and logged on to the HSM as a CU before executing this command.
Syntax
Enter the parameters as outlined in the syntax below. For descriptions of each parameter, refer to parameters.
IsValidKeyHandlefile -f <private-key-file>The parameters must be entered in the sequence prescribed by the syntax.
Example
The following example demonstrates the validation of a PEM file named fakeKey.pem, verifying that it is a legitimate key file with a key handle of 8.
Command: IsValidKeyHandlefile -f /tmp/fakeKey.pem
Input file has invalid key handle: 8Parameters
Parameter name | Description | Required | Valid values |
-f | Specifies the path and name of the key file to be checked. | Yes | No special requirements |