Open Arsira-star opened 4 years ago
If you need to get an attribute value from the private key use getAttribute
(see example) function or PrivateKey getters
If you need a private key for the crypto operation use session
object (see example)
Thanks I will try it
In my case It was third party that import private key to HSM. I don't know what private key or attribute in it. I try getAttribute and PrivateKey getters but it don't has any answer for me. Do you have another way ?
Maybe you can share your scenario?
Do I understand correctly you believe you have access to the private key but don't know which private key you need because you didn't generate it and the entity that did has not shared that with you?
Yes you are correct.I check in server HSM.It has 3 thing in slot 0 is Private key , Certificate , Public key.
I can get Certificate and value from it with ".value".It work fine But private key and public key don't have it. As I show you in the first comment that is all i get from private key. I use session.find({class: graphene.ObjectClass.PRIVATE_KEY}).length to check that really has private key in HSM and it return length = 1.
Usually HSMs will not give you a private key back out. They are designed to keep keys safe from export/theft.
@Arsira-star Try to get fields like extractable
, sensitive
, mechanism
@Arsira-star Try to get fields like
extractable
,sensitive
,mechanism
Works for us.
Do you have any nodejs lib that can work with your lib to sign xml ?
These modules use WebCrypto. It allows using modules on NodeJS and Browsers. If you want to use PKCS#11 token for XML signing see node-webcrypto-p11. For NodeJS Crypto API see @peculiar/webcrypto
I have PrivateKey PublicKey and Certificate in HSM I can get Certificate with no problem. Next I need to get private key here this is my code
=========================== const fetchedPrivateKey = session.find({label: 'xxxxxxx'}) const privateKey = fetchedPrivateKey.items(0).toType()
and this is my result
PrivateKey { handle: <Buffer 28 00 00 00 00 00 00 00>, session: Session { handle: <Buffer 01 00 00 00 00 00 00 00>, slot: Slot { handle: <Buffer 00 00 00 00 00 00 00 00>, module: [Object], slotDescription: 'Net Token Slot', manufacturerID: 'Safenet, Inc.', flags: 7, hardwareVersion: [Object], firmwareVersion: [Object] }, state: 0, flags: 4, deviceError: 0 } }
I need value from "privateKey" to use with Certificate for sign How to get that ? I don't see in example