2
– Integrating Google Cloud Platform with SafeNet Luna HSM
Google Cloud Platform Integration Guide
12
8. Now create an AES256 key on HSM partition that will be used to encrypt the contents on cloud. To generate
the key run the
ckdemo
utility provided with Luna Client.
# ckdemo
It will show you the available options and prompt for your choice, below are choices (Numeric Values) to
generate an AES256 key
( 1) Open Session
Enter your choice: 1
( 3) Login
Enter your choice: 3
Crypto Officer [0]
Crypto User [1]: 0
Enter PIN : ********
(45) Simple Generate Key
Enter your choice: 45
Select type of key to generate
[ 1] DES [ 2] DES2 [ 3] DES3 [ 5] CAST3
[ 6] Generic [ 7] RSA [ 8] DSA [ 9] DH [10] CAST5
[11] RC2 [12] RC4 [13] RC5 [14] SSL3 [15] ECDSA
[16] AES [17] SEED [18] KCDSA-1024 [19] KCDSA-2048
[20] DSA Domain Param [21] KCDSA Domain Param
[22] RSA X9.31 [23] DH X9.42 [24] ARIA
[25] DH PKCS Domain Param [26] RSA 186-3 Aux Primes
[27] RSA 186-3 Primes [28] DH X9.42 Domain Param
[29] ECDSA with Extra Bits
> 16
Enter Key Length in bytes (16, 24, 32): 32
Enter Is Token Attribute [0-1]: 1
Enter Is Sensitive Attribute [0-1]: 1
Enter Is Private Attribute [0-1]: 1
Enter Encrypt Attribute [0-1]: 1
Enter Decrypt Attribute [0-1]: 1
Enter Sign Attribute [0-1]: 1
Enter Verify Attribute [0-1]: 1
Enter Wrap Attribute [0-1]: 1
Enter Unwrap Attribute [0-1]: 1
Enter Derive Attribute [0-1]: 1
Enter Extractable Attribute [0-1]: 1