exec master..dbd_list_token_keys [@module sysname], [@slot int]

The function lists AES keys in the token specified by the slot number and module name. If @module and @slot are not specified, the procedure lists all AES keys in all tokens of all modules. RSA keys, Certificates or Secrets are not used by DbDefence encryption and not listed. Usually AES keys require a user to login to be enumerated. DbDefence doesn't provide functionality to manage AES keys . Please refer to your token documentation or consult a security officer. You may also find several tools on the Internet (free and commercial) to work with PKCS#11 modules. If you have specific needs or have any difficulties, please contact support@activecrypt.com.


module -module name

slot -slot number

label -AES key label. This label is used to refer the AES key at encryption time to the command line Encryptor or API. The PKCS#11 specification allows several keys to have the same label. This, however, will be confusing for DbDefence and may not work correctly.

Example output:

module          slot    label
--------------- ------- --------------------------
etoken          1        test_key1
acdemopkcs11    1        db_key

To login, use dbd_login_token.