I have created an AES key in my HSM, and I would like to get the key value, I tried C_FindObjects but it only return the key hundel.
public long Find_AES_Key(String label) {
long hkey = -1L;
try {
AESSecretKey keyTemplate = new AESSecretKey();
keyTemplate.getLabel().setCharArrayValue(label.toCharArray());
CK_ATTRIBUTE[] attributes = iaik.pkcs.pkcs11.objects.Object.getSetAttributes(keyTemplate);
cryptoki.C_FindObjectsInit(ckiSession, attributes, false);
long[] found = cryptoki.C_FindObjects(ckiSession, 1L);
cryptoki.C_FindObjectsFinal(ckiSession);
hkey = found[0];
// cryptoki.C_GetAttributeValue(ckiSession, hkey, attributes, true);
}catch(Exception e) {
e.printStackTrace();
}
return hkey;
}
Thank you for your help.
It depends on your HSM, but in most cases keys are nor "readable" if they are borned inside of HSM.
If it is possible you can
Wrap
and export it usingC_DeriveKey
/C_WrapKey
calls.Check your key's
CKA_WRAP
attribute.