[Opendnssec-user] Generating public/private key

Aki Tuomi cmouse at cmouse.fi
Tue Apr 15 17:11:34 UTC 2014 

On Tue, Apr 15, 2014 at 07:03:21PM +0300, Aki Tuomi wrote:
> On Tue, Apr 15, 2014 at 06:56:37PM +0300, Aki Tuomi wrote:
> > On Tue, Apr 15, 2014 at 11:39:42AM +0200, Rickard Bellgrim wrote:
> > > On Sat, Apr 12, 2014 at 1:08 PM, Aki Tuomi <cmouse at cmouse.fi> wrote:
> > > 
> > > >
> > > > I hope someone can tell me what I am doing wrong?
> > > >
> > > >
> > > The issue is not CKA_SIGN, the issue is that you are generating a key with
> > > label "test4" but you are searching for an object with the label "test".
> > > 
> > > // Rickard
> > 
> > Thank you for your reply, and well spotted. 
> > 
> > Aki
> 
> Unfortunately I still have problem:
> 
>   attr[0].type = CKA_CLASS;
>   unsigned long value2 = CKO_PUBLIC_KEY;
>   attr[0].pValue = &value2;
>   attr[0].ulValueLen = sizeof(value2);
>   attr[1].type = CKA_LABEL;
>   attr[1].pValue = const_cast<char*>("test4");
>   attr[1].ulValueLen = 5;
> 
>   module->C_FindObjectsInit(session, attr, 2);
>   module->C_FindObjects(session, &object, 1, &objects);
>   module->C_FindObjectsFinal(session);
> 
>   std::cout << "Found " << objects << " object(s)" << std::endl;
>   if (objects == 0) return 0;
> 
> 
> For the same slot, this gives me 0 objects found. How should I retrieve the
> public key from SoftHSM?
> 
> Aki
> 
> > _______________________________________________
> > Opendnssec-user mailing list
> > Opendnssec-user at lists.opendnssec.org
> > https://lists.opendnssec.org/mailman/listinfo/opendnssec-user
> 

Also. I tested that the database ends up in VERY different state when one
performs

--export
--init-token
--import

than it does with C_GenerateKeyPair()

Is there something else one needs to do after C_GenerateKeyPair that I am
not currently doing? 

Aki

> _______________________________________________
> Opendnssec-user mailing list
> Opendnssec-user at lists.opendnssec.org
> https://lists.opendnssec.org/mailman/listinfo/opendnssec-user

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 198 bytes
Desc: Digital signature
URL: <http://lists.opendnssec.org/pipermail/opendnssec-user/attachments/20140415/33d39117/attachment.bin>

More information about the Opendnssec-user mailing list