我尝试使用Pkcs11Interop从HSM中提取密钥的值。我知道,关键必须留在HSM,但我需要它,所以......
我已经用NCryptoki做了,我也想用Pkcs11Interop
做我试过这段代码:
// Prepare attribute template that defines search criteria
List<ObjectAttribute> objectAttributes = new List<ObjectAttribute>();
objectAttributes.Add(new ObjectAttribute(CKA.CKA_CLASS, CKO.CKO_SECRET_KEY));
objectAttributes.Add(new ObjectAttribute(CKA.CKA_KEY_TYPE, CKK.CKK_DES));
objectAttributes.Add(new ObjectAttribute(CKA.CKA_LABEL, "MY_KEY"));
// Find all objects that match provided attributes
List<ObjectHandle> foundObjects = session.FindAllObjects(objectAttributes);
var key = foundObjects[0];
byte[] plainKeyValue = null;
List<ObjectAttribute> readAttrs = session.GetAttributeValue(key, new List<CKA>() { CKA.CKA_VALUE });
if (readAttrs[0].CannotBeRead)
throw new Exception("Key cannot be exported");
else
plainKeyValue = readAttrs[0].GetValueAsByteArray();
但是plainKeyValue全是零,但是,你可以想象,这不是真的。
那么,我怎样才能达到目标?