c - Extract or set private key parameters in cryptoki library


I ran into issues writing a small test programme using the cryptoki library. I want (have) to get hold of the RSA private key (all parameters). I thought I could either generate the keys and extract the parameters, or use generated parameters to set the keys manually. So far, I don't get any of this working. The code is at the end of the post.


Extraction

I know there is C_GetAttributeValue(), which can extract attributes such as the public exponent or modulus. It works for both public and private key objects, but I get a CKR_ATTRIBUTE_SENSITIVE error when I try to extract private parameters from the private key object. Is there a way to extract these attributes? Can/do I have to set some parameters when logging into the session or during initialising?

Setting keys manually

My second approach is to read key material (generated by OpenSSL) from a file and use it for generating key objects with C_CreateObject(). The file contains the RSA parameters (n, e, d, p, q, dmp1, dmq1, iqmp). After reading, I convert them to an ASCII hex representation and store them in a CK_BYTE[]. So far so good. Now, when I pass this to C_CreateObject() in order to create a private key, I receive a CKR_ATTRIBUTE_VALUE_INVALID error message. Creating a public key object the same way with the public parameters works. I verified this using C_GetAttributeValue() on the created public key object. What am I missing for generating a private key object, if it is possible this way? I suppose C_GenerateKeyPair() always generates new keys no matter whether key material is provided or not, right?


C code

This is what I try to create the private key object with:

    CK_OBJECT_HANDLE hprivatekeys[numkeys];
    CK_KEY_TYPE ktype = CKK_RSA;
    CK_OBJECT_CLASS kclass = CKO_PRIVATE_KEY;
    CK_BYTE id[] = {123};
    CK_UTF8CHAR label[] = "an rsa private key object";

    // sn, sd, se, etc. contain the length of the respective parameter
    CK_ATTRIBUTE privatekeytemplate[] = {
        {CKA_CLASS, &kclass, sizeof(kclass)},
        {CKA_KEY_TYPE, &ktype, sizeof(ktype)},
        {CKA_TOKEN, &false, sizeof(false)},
        {CKA_PRIVATE, &false, sizeof(false)},
        {CKA_SENSITIVE, &false, sizeof(false)},
        {CKA_EXTRACTABLE, &true, sizeof(true)},
        {CKA_ID, id, sizeof(id)},
        {CKA_SUBJECT, NULL_PTR, 0},
        {CKA_DECRYPT, &true, sizeof(true)},
        {CKA_SIGN, &true, sizeof(true)},
        {CKA_LABEL, label, sizeof(label)-1},
        {CKA_ID, id, sizeof(id)},
        {CKA_MODULUS, modulus, sn},
        {CKA_PUBLIC_EXPONENT, publicexponent, se},
        {CKA_PRIVATE_EXPONENT, privateexponent, sd},
        {CKA_PRIME_1, prime1, sp},
        {CKA_PRIME_2, prime2, sq},
        {CKA_EXPONENT_1, exponent1, sdmp1},
        {CKA_EXPONENT_2, exponent2, sdmq1},
        {CKA_COEFFICIENT, coefficient, siqmp}
    };

    CK_ATTRIBUTE publickeytemplate[] = {
        {CKA_ENCRYPT, &true, sizeof(true)},
        {CKA_VERIFY, &true, sizeof(true)},
        {CKA_WRAP, &true, sizeof(true)},
        {CKA_MODULUS_BITS, &modulusbits, sizeof(modulusbits)},
        {CKA_PUBLIC_EXPONENT, publicexponent, se},
        {CKA_MODULUS, modulus, sn}
    };

    rv = pfunctionlist->C_CreateObject(hsession, privatekeytemplate, num_elem(privatekeytemplate), &hprivatekeys[j]);

Your idea of generating a key pair and reading it out is fine, but you should set the attribute CKA_SENSITIVE to false in the template of the private key. Note that it depends on the token whether such functionality is supported.

Usually when extracting private key information from a token you want to have it encrypted. Encryption of keys is called wrapping, and the possible extraction of sensitive information is managed by the CKA_EXTRACTABLE attribute.

"After reading, I convert them to an ASCII hex representation and store them in a CK_BYTE[]."

The PKCS#11 token interface specifies precisely how to encode / decode the attributes. Trying formats haphazardly is not going to give you any results.
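For reference, PKCS#11 defines the "Big integer" type used by CKA_MODULUS, CKA_PRIVATE_EXPONENT and the other RSA attributes as raw unsigned bytes, most-significant byte first, not hex text. The following is an added example, not code from the question or the answer: the helper names hex_val and hex_to_bigint are hypothetical, and dropping leading zero bytes is a choice made here.

```c
#include <ctype.h>
#include <stddef.h>
#include <string.h>

/* Value of one hex digit, or -1 if c is not a hex digit. */
static int hex_val(int c)
{
    if (c >= '0' && c <= '9') return c - '0';
    c = tolower(c);
    if (c >= 'a' && c <= 'f') return c - 'a' + 10;
    return -1;
}

/*
 * Convert hex text (colons and whitespace tolerated, as printed by
 * "openssl rsa -text") into a PKCS#11 Big integer: raw unsigned bytes,
 * most-significant byte first. Leading zero bytes are dropped.
 * out is unsigned char, which is what CK_BYTE is defined as.
 * Returns the byte count for the attribute's ulValueLen, or 0 on
 * invalid input, an all-zero value or a too-small buffer.
 */
size_t hex_to_bigint(const char *hex, unsigned char *out, size_t cap)
{
    size_t digits = 0, len = 0, i;
    int hi = -1;

    for (i = 0; hex[i]; i++) {            /* pass 1: validate, count digits */
        if (hex[i] == ':' || isspace((unsigned char)hex[i])) continue;
        if (hex_val((unsigned char)hex[i]) < 0) return 0;
        digits++;
    }
    if (digits % 2) hi = 0;               /* odd count: implicit leading 0 */
    for (i = 0; hex[i]; i++) {            /* pass 2: two digits per byte */
        int v = hex_val((unsigned char)hex[i]);
        if (v < 0) continue;              /* separator, already validated */
        if (hi < 0) { hi = v; continue; }
        unsigned char b = (unsigned char)((hi << 4) | v);
        hi = -1;
        if (len == 0 && b == 0) continue; /* strip leading zero bytes */
        if (len == cap) return 0;
        out[len++] = b;
    }
    return len;
}
```

The returned length, not the length of the hex string, is what goes into the third field of the CK_ATTRIBUTE entry.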

