[Opendnssec-user] Possible bug in unwrapped key bytes
Jana Nguyen
jana.nguyen at gmail.com
Thu Sep 6 21:30:17 UTC 2018
I am trying to retrieve the key bytes of a wrapped key. We are using IAIK
with SoftHSM 2.4.0.
When I unwrap the key, the key object returned but when we get the key
bytes, I get null.
Key template has been initialized with “sensitive=false” and below code
works find with the Thales HSM appliance, but not with SoftHSM.
long CKM_AES_KEY_WRAP = 0x00002109L;
Mechanism wrappingMechanism = new Mechanism(CKM_AES_KEY_WRAP);
InitializationVectorParameters ivParam = new
InitializationVectorParameters(iv);
wrappingMechanism.setParameters(ivParam);
AESSecretKey key = session.unwrapKey(wrappingMechanism,
keyEncryptionKey, wrappedKey, keyTemplate);
byte[] plaintextkey = key.getValue().getByteArrayValue();
Error I'm getting:
(plaintextkey is null)
Any ideas or workaround to get this to work? Any input is much appreciated.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.opendnssec.org/pipermail/opendnssec-user/attachments/20180906/44f06e9d/attachment.htm>
More information about the Opendnssec-user
mailing list