Shared Key
Share or unshare keys you own with other crypto users.
The shareKey command enables a key owner to share or unshare a key. You can also share a key when you create it.
A crypto user with whom a key is shared can use it for cryptographic operations but can't delete or export it.
Syntax
shareKey <key handle> <user id> <(share/unshare key?) 1/0>
Example
The following examples show how to use the shareKey command to share keys that you own with another crypto user.
server0>getKeyInfo 6
Key Info on server 0(ejs6jzp5aaehw-hsmcluster.kms.us-ashburn-1.oraclecloud.com):
Token/Flash Key,
Owned by user 1
getKeyInfo success
server0>shareKey 6 4 1
*************************CAUTION********************************
This is a CRITICAL operation, should be done on all nodes in the
cluster. KMS server does NOT synchronize these changes with the
nodes on which this operation is not executed or failed, please
ensure this operation is executed on all nodes in the cluster.
****************************************************************
Do you want to continue(y/n)?y
shareKey success
GetKeyInfo output after shareKey
Key Info on server 0(ejs6jzp5aaehw-hsmcluster.kms.us-ashburn-1.oraclecloud.com):
Token/Flash Key,
Owned by user 1
also, shared to following 1 user(s): 2
Following are the attributes for the shareKey command:
Parameter | Description |
---|---|
key-handle | Specifies the key handle of a key that you own. |
user id | Specifies the ID of the crypto user with whom you are sharing or unsharing the key. |
share 1 or unshare 0 | Specify 1 to share the key with a crypto user. Specify 0 to unshare the key, that is, to remove the specified user as a shared key user. |
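
The caution printed by shareKey states that the KMS server does not synchronize the change to nodes where the command was not run, so the share state has to be confirmed on every node. The following Python code is an added example, not part of the original documentation or the product's tooling: it parses getKeyInfo output captured from each node and reports the nodes where the expected user is missing. The node names, hostnames and sample outputs are constructed, and the layout of multiple user IDs (same line or following lines) is an assumption.

```python
import re

# Constructed sample: getKeyInfo output captured per node after sharing
# key 6 with user 4. Hostnames are placeholders; server1 missed the change.
SAMPLE = {
    "server0": """Key Info on server 0(node0.example.invalid):
Token/Flash Key,
Owned by user 1
also, shared to following 1 user(s): 4
""",
    "server1": """Key Info on server 1(node1.example.invalid):
Token/Flash Key,
Owned by user 1
""",
}

OWNER_RE = re.compile(r"^\s*Owned by user (\d+)\s*$", re.M)
SHARED_RE = re.compile(r"shared to following (\d+) user\(s\):")


def parse_key_info(text):
    """Return (owner_id, set_of_shared_user_ids) from one getKeyInfo output."""
    owner = OWNER_RE.search(text)
    if owner is None:
        raise ValueError("no 'Owned by user' line found")
    shared = set()
    m = SHARED_RE.search(text)
    if m:
        # Assumption: IDs follow the marker on the same line or on later
        # lines holding only digits, spaces or commas.
        for line in text[m.end():].splitlines():
            if line.strip() and not re.fullmatch(r"[\d\s,]+", line):
                break
            shared.update(int(tok) for tok in re.findall(r"\d+", line))
        if len(shared) != int(m.group(1)):
            raise ValueError("shared-user count does not match listed IDs")
    return int(owner.group(1)), shared


def check_share(outputs, user_id, expect_shared):
    """Return sorted node names whose share state for user_id is not as expected."""
    return sorted(node for node, text in outputs.items()
                  if (user_id in parse_key_info(text)[1]) != expect_shared)


if __name__ == "__main__":
    for node in check_share(SAMPLE, user_id=4, expect_shared=True):
        print(f"{node}: key not shared with user 4; rerun shareKey on this node")
```

Run the same check with `expect_shared=False` after an unshare to confirm the user was removed on every node.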