Importing a Symmetric Key

Configure command for importing a Symmetric Key.

The imSymKey command enables you to import a symmetric key into the HSM.

Open a command prompt and run imSymKey command to import a symmetric key into the HSM.

Syntax

Syntax: imSymKey -h -l <label> -t <key type> -f <key file name> -s [-sess] -w <wrapper key handle> -id [-min_srv <minimum number of servers>] [-timeout <number of seconds>] [-nex]

 

Where,

Parameter Description
-h Displays this information
-l Private key label.
-t

Key type:

31 = AES
-f

Filename containing the key to import. File size for each key type:

AES = 16, 24, or 32 bytes

-w Wrapping key handle (KEK = 4).
-s Specifies the key size in bytes for AES : 16, 24, 32
-sess specifies key as session key.
-min_srv specifies the minimum number of HSMs in which the key is synchronized before the value of the -timeout parameter expires. If the key is not synchronized to the specified number of servers in the time allotted, it is not created. Default value for min_srv is 1.
-timeout Specifies the number of seconds to wait for the key to get synced when min_srv option is used. If nothing is specified, the polling will continue forever.

Example

Command:  imSymKey -l kms-example -t 31 -f t1 -w 4
        ImportWrapKey returned: 0x00 : HSM Return: SUCCESS
        CreateUnwrapTemplate2 returned: 0x00 : HSM Return: SUCCESS
        ImportUnWrapKey returned: 0x00 : HSM Return: SUCCESS
        Symmetric Key Imported.  Key Handle: 126
        Cluster Status:
       Node id 0 status: 0x00000000 : HSM Return: SUCCESS
       Node id 0 status: 0x00000000 : HSM Return: SUCCESS