dbd_list_token_keys

exec master..dbd_list_token_keys [@module sysname], [@slot int]

The function lists AES keys in token specified by slot number and module name. If @module and @slot not specified the procedure lists all AES keys in all tokens of all modules. RSA keys, Certificates or Secrets are not used by DbDefence encryption and not listed. Usually AES keys require user to login to be enumerated. DbDefence doesn't provide functionality to manage AES keys . Please refer token documentation or consult security officer. You may also find several tools in Internet (free and commercial) to work with PKCS#11 modules. If you have specific needs or have difficulties please contact support@activecrypt.com.

Fields:

module - module name

slot - slot number

label - AES key label. This label is used to refer AES key at encryption time with the command line Encryptor or API. PKCS#11 specification allows several keys have the same label. This, however, will be confusing for DbDefence and may not work correctly.

Example output:

module          slot    label
--------------- ------- --------------------------
etoken          1        test_key1
acdemopkcs11    1        db_key

To login use dbd_login_token