cmu getattribute

This function outputs any viewable attributes for an object. An optional output filename can be used to direct the output to a file.

Syntax

cmu getAttribute {-handle=<handle#> | -ouid=<OUID#>} [-attributes=<attribute(s)>] [-outputFile=<filename>]

Argument(s) Description
-attributes=<attribute(s)>

Lists the attributes to be displayed for the object as a comma-separated list. Multiple instances of this option can also be used to define multiple attributes. If this parameter is omitted, all viewable attributes are displayed.

alwayssensitive keytype sign

application

label

startdate

certificatetype

local

subjec

class

modifiable

token
decrypt

modulus

unwrap

derive

modulusbits

value

encrypt

neverextractable

verify

enddate

private

wrap

extractable

publicexponent

 

id

sensitive  

issuer

serialnumber

 

TIP   If the object is not secret, its value can be displayed. If the object is secret, then the output of "value" is simply meaningless place-holder data.

-handle=<handle#>

The object handle. If this parameter is omitted and there is only one object on the partition, that object is automatically selected. If this parameter is omitted and there are multiple objects on the partition, you are prompted to select the object. This method of selection applies to application partitions on Luna HSMs only. On a Luna Cloud HSM service slot, use -ouid.

On a Luna keyring, this command-line option returns no information; you must select the object handle from the list when prompted.

-ouid=<OUID#> The Object Unified Identifier (OUID). If this parameter is omitted and there is only one object on the partition, that object is automatically selected. If this parameter is omitted and there are multiple objects on the partition, the user is prompted to select the object. This method of selection requires Luna HSM Client 10.2.0 or newer, and applies to Luna Cloud HSM services only. On a Luna HSM application partition slot, use -handle.
-outputFile=<filename> Defines the filename to which the attribute set is written. If this parameter is omitted, the attribute set is written to the display.

See also Common CMU Options.

Example

The following command outputs all of the viewable attributes for the object with handle 46:

cmu getAttribute -handle=46

The following command outputs the label, public exponent and modulus of key 9 to file keydata.txt:

cmu getAttribute -handle=9 -attribute=label,publicExponent,modulus -outputFile=keydata.txt