This column has so far demonstrated a number of cryptographic key management utilities based on equivalent Cryptographic Services Key Management APIs. Armed with these tools, you can now establish and manage a cryptographic master key table, as well as create and maintain key store files whose content is protected by the master keys. Links to the articles delivering and discussing the LODMSTK, SETMSTK, TSTMSTK, CLRMSTK, CRTKS, and TRNKS CL commands are at the end of this article, in case you missed any of them.
Today’s installment of APIs by Example adds three new CL commands to this cryptographic services toolset, all providing functionality relating to the cryptographic key records that are the real purpose of creating master keys and key stores. Say hello to the Generate Key Record (GENKR), Display Key Record Attributes (DSPKRA), and Delete Key Record (DLTKR) commands. To ease access to all these cryptographic services commands, I’ve also included a Cryptographic Services Commands Menu (CMDCRPSRV).