Extract key Value form HSM

820 Views Asked by zero At 25 February 2021 at 14:28

I have created an AES key in my HSM, and I would like to get the key value, I tried C_FindObjects but it only return the key hundel.

    public long Find_AES_Key(String label) {
            long hkey = -1L; 
            try {
                 AESSecretKey keyTemplate = new AESSecretKey();
                 keyTemplate.getLabel().setCharArrayValue(label.toCharArray());
                 CK_ATTRIBUTE[] attributes = iaik.pkcs.pkcs11.objects.Object.getSetAttributes(keyTemplate);
                    
                 cryptoki.C_FindObjectsInit(ckiSession, attributes, false);
                 long[] found = cryptoki.C_FindObjects(ckiSession, 1L);
                 cryptoki.C_FindObjectsFinal(ckiSession);
                 
                 hkey = found[0];
                 // cryptoki.C_GetAttributeValue(ckiSession, hkey, attributes, true);
                                 
             }catch(Exception e) {
                 e.printStackTrace();
             }
            return hkey;
         }

Thank you for your help.

Original Q&A

There are 1 best solutions below

Alexander On 25 February 2021 at 16:51

It depends on your HSM, but in most cases keys are nor "readable" if they are borned inside of HSM.

If it is possible you can Wrap and export it using C_DeriveKey/C_WrapKey calls.

Check your key's CKA_WRAP attribute.

Extract key Value form HSM

There are 1 best solutions below

Related Questions in JAVA

Related Questions in WRAPPER

Related Questions in PKCS#11

Related Questions in IAIK-JCE

Trending Questions

Popular # Hahtags

Popular Questions