Exporting a Symmetric Key

Configure command for exporting a Symmetric Key.

The exSymKey command exports plain text copy of a symmetric key from the HSM and saves it in a file on the disk.

Open a command prompt and run exSymKey command to export a symmetric key.

Syntax

exSymKey -h -w <wrapping key> -k <key to export> [-m <wrapping mechanism>] [-wk <unwrapping key file>]

Where,

Parameter Description
-h displays this information
-w specifies the handle of the wrapping key
-k specifies the public key handle
-m Specifies the wrapping mechanism (Optional) CLOUDHSM_AES_KEY_WRAP and NIST_AES_WRAP_PAD. Default value is 4.
-wk Specifies the AES key to unwrap the key that is being exported. Enter the path and name of a file that contains a plaintext AES key.

Example


Command:  exSymKey -k 128 -out t1   
PEM formatted public key is written to t1   
exSymKey returned: 0x00 : HSM Return: SUCCESS