Clone key, 36 create key section components – HP Secure Key Manager User Manual
Page 119

Table 36 Create Key section components
Component
Description
Key Name
This is the name that the server uses to refer to the key. The key name must begin with
a letter, must be between 1 and 64 characters (inclusive), and can consist of only
letters, numbers, underscores (_), periods (.), and hyphens (-).
Owner Username
You do not have to specify an owner for the key; if you leave that field blank, the
imported key is a global key and therefore accessible to all users. If you want to
assign an owner for the key, you can specify any valid user in the Owner Username
field. If you assign an owner, then that user is the only user who can access the key
(unless the key is given additional group permissions later).
Algorithm
The algorithm might be any one of the following:
•
AES-256
•
AES-192
•
AES-128
•
DES-EDE-168 (three key triple DES)
•
DES-EDE-112 (two key triple DES)
•
DES
•
RC4-128
•
RC4-40
•
HmacSHA1
•
RSA-2048
•
RSA-1024
•
RSA-512
NOTE:
Some of the algorithms listed above will not be available on FIPS-compliant
devices.
Deletable
A check mark in the box indicates that the key is deletable via an XML request by
the key owner (or any user for global keys). After a key is created, this value may
be changed.
Exportable
A check mark in the box indicates that the key is exportable via an XML request.
An exportable key can be exported by its owner and by members of a group with
“Export” permission for the key. (A global key marked exportable can be exported by
any user.) After a key is created, this value may be changed.
Versioned Key Bytes
When selected, the key contains multiple versions, up to a maximum of 4000. Each
key version has unique key bytes, but shared key metadata (key name, algorithm,
permissions, etc. The first key version is created when the key is created. Additional
key versions may be created later using the Key Versions section.
Copy Group
Permissions From
Select an existing key to copy its group permissions. The new key and the existing
key must be of compatible types; specifically, they must both use RSA, both use
HmacSHA1, or they may use either AES, DES, or RC4.
Create
Click Create to create the key.
Clone Key
Use this section to assign the key bytes and key metadata from an existing key to a new key. You can
choose to copy or ignore the existing group permissions and custom attributes. You can also use this
section to create a versioned key from a non-versioned key.
Secure Key Manager
119