Extracts a key off the Luna PCIe HSM 7 in a masked format, into a file masked.key. You can rename the resulting file if you are testing with multiple extractions.

Inserts an extracted, masked blob (file) back onto the Luna PCIe HSM 7. You are prompted for the name of the file, which must have been extracted from a Luna Network HSM using the same masking key (i.e., the same Luna Network HSM or a clone of it).

Performs the multisign function, after prompting you for the mechanism to use, the number of datablobs to be signed (limited to 5 for this demonstration command), and the data or filenames to be signed.

(Reserved for Thales use) Copies an object from the Luna PCIe HSM 7 to another HSM.

This function takes a list of object handles, extracts them using the given authorization data for protection, and returns the extracted set of objects as a single data blob. The objects can be left on the partition or destroyed, depending on the value of the delete-after-extract flag.

This function inserts the objects contained in a previously extracted blob into the HSM, and returns the list of handles assigned to the objects.

This function uses the key material in a previously extracted key blob to sign pieces of data in the input data table, returning the signatures through the signature table. Note the following restrictions:

>On a Luna PCIe HSM 7 with Luna HSM Firmware 7.4.0 or older, the key blob must contain a single key, otherwise an error is returned.

>On a Luna PCIe HSM 7 with Luna HSM Firmware 7.7.0 or newer, the indicated blob must contain no more than one key/key pair that is suitable for the requested signature mechanism, otherwise an error is returned.

Extracts a key off the Luna PCIe HSM 7 into a file.