This topic explains the process of retrieving key attribute values from HSM using the getAttribute function.
Feature description
The getAttribute function is designed to retrieve a key's attributes from HSM, including its type, class, tag, and ID, along with permissible operations such as encryption, decryption, wrapping, signing, and authentication. This command is exclusively available to administrators (CO).
Prior to executing this command, you must initiate the hsm_mgmt_tool, log on to HSM, and verify that the user type is authorized to use the command.
User types
The command can be executed by the following user types. For detailed user descriptions, see HSM user permission table.
Administrator (CO)
Syntax
Enter the command following the syntax provided below. For an explanation of the parameters, refer to Parameters.
getAttribute <key handle> <attribute id> [<filename>]Parameters must be entered in the sequence outlined in the syntax.
Example
The example below demonstrates how to obtain the OBJ_ATTR_EXTRACTABLE attribute value (indicating exportability) of a key with handle 6. For a description of attribute constants, see Key attribute constants.
cloudmgmt>getAttribute 6 354
Attribute Value on server 0(172.16.0.2):
OBJ_ATTR_EXTRACTABLE
0x00000001Parameters
Parameter name | Description | Required | Valid values |
<key handle> | Key handle | Yes | No Special Requirements |
<attribute id> | Constant of the key attribute
| Yes | No Special Requirements |
[<output file>] | File name to save the output data | Optional | No Special Requirements |