1. 首页
  2. 问答
  3. HSM AES密钥提取

HSM AES密钥提取

2017-07-07 296 views
1

我有一个Thales nShield HSM,其中我创建了一个(CKA_SENSATIVE,false)AES密钥,但是,我无法弄清楚如何在java中执行它。我的主要创作看起来就像这样:HSM AES密钥提取

CK_ATTRIBUTE[] aesKeyObject = new CK_ATTRIBUTE[14]; 

    try 
    { 
     aesKeyObject[0] = new CK_ATTRIBUTE(CKA_CLASS, CKO_SECRET_KEY); 
     aesKeyObject[1] = new CK_ATTRIBUTE(CKA_KEY_TYPE, CKK_AES); 
     aesKeyObject[2] = new CK_ATTRIBUTE(CKA_VALUE_LEN, 32); 
     aesKeyObject[3] = new CK_ATTRIBUTE(CKA_TOKEN, true); 
     aesKeyObject[4] = new CK_ATTRIBUTE(CKA_LABEL, "TestAES".getBytes()); 
     aesKeyObject[5] = new CK_ATTRIBUTE(CKA_PRIVATE, true); 
     aesKeyObject[6] = new CK_ATTRIBUTE(CKA_EXTRACTABLE, true); 
     aesKeyObject[7] = new CK_ATTRIBUTE(CKA_WRAP, true); 
     aesKeyObject[8] = new CK_ATTRIBUTE(CKA_UNWRAP, true); 
     aesKeyObject[9] = new CK_ATTRIBUTE(CKA_ENCRYPT, true); 
     aesKeyObject[10] = new CK_ATTRIBUTE(CKA_DECRYPT, true); 
     aesKeyObject[11] = new CK_ATTRIBUTE(CKA_TRUSTED, true); 
     aesKeyObject[12] = new CK_ATTRIBUTE(CKA_ID, 1550); 
     aesKeyObject[13] = new CK_ATTRIBUTE(CKA_SENSITIVE, false); 

     CK_MECHANISM mech = new CK_MECHANISM(CKM_AES_KEY_GEN); 

     long newAESKeyHandle = p11.C_GenerateKey(hSession, mech, aesKeyObject);  
    }catch(Exception e) 
    { 
    }

来源

2017-07-07 Joshua Faust

+0

@zaph它是nShield –

回答

0

您需要阅读生成的密钥对象的属性与C_GetAttributeValue功能。

来源

2017-07-07 21:39:54 jariq

+0

是的,我在前一篇文章中看到了答案。你能更具体一点吗?我做了: p11.C_GetAttributeValue(hSession,newAESKeyHandle,CKA_VALUE);我给了我1126的价值。不太确定那是什么。我已经完成了: CK_ATTRIBUTE [] KeyValue = new CK_ATTRIBUTE [] { new CK_ATTRIBUTE(CKA_VALUE,newAESKeyHandle) }; –

相关问题

 相关问题