Export / import RSA key pair using PKCS11interop C # shell library from Thales nShield HSM?

Question

Export / import RSA key pair using PKCS11interop C # shell library from Thales nShield HSM?

I created a private RSA pair pair in HSM using PKCS11Interop to generate the key API. I want to export keypair. I used the Findobject API to get the keys, the API returns an ObjectHandle when reading attributes using the GetAttributeValue API, I can not read the key value. And when I set the key attribute CKA_EXTRACTABLE to true, I can’t generate the key at all.

I also need to import an external keyboard into HSM.

Any help is appreciated.

+4

c # cryptography pkcs # 11 hsm pkcs11interop

S ghosh Feb 27 '17 at 10:32

source share

3 answers

always_a_rookie_to_learn · Answer 1 · 2017-02-27T19:58:32+0000

, , insecure HSM. HSM.

? . HSM .

HSM , , HSM, , ( HSM), . PKCS # 11 - , HSM. HSM , , PKCS11 api.

, , . HSM, , . HSM, .

P.S: Thales nShield / , HSM .

. Key/Key Pair, HSM () Key/Key, HSM, .

Ahmet Arslan · Answer 2 · 2017-02-27T23:08:52+0000

, Safenet HSM, Thales HSM , GetAttributeValue, ObjectHandle ..

CKA_EXTRACTABLE , , , , . , .

ObjectHandle (FM). FM - , Safenet HSM, , HSM. ObjectHandle HSM, , FM. .

Safenet HSM.

jariq · Answer 3 · 2017-02-28T12:27:39+0000

RSA (, PKCS # 11, HSM), (. 12.1.3 of PKCS # 11 v2.20 ), , ASN.1 .

The specific type of ASN.1 structure that you need depends on the type of key you use (in your case, it is RSA), and on the capabilities of the target system that will use the keys, i.e. encryption applications usually use different formats, mail agents, etc. I believe that you can start with the structure RSAPrivateKeydefined in PKCS # 1 .

Export / import RSA key pair using PKCS11interop C # shell library from Thales nShield HSM?

More articles: