查找对象后如何更新特定属性。 得到错误方法C_SetAttributeValue返回CKR_ATTRIBUTE_READ_ONLY
[英]How to Update particular Attribute after finding an object. getting error Method C_SetAttributeValue returned CKR_ATTRIBUTE_READ_ONLY
问题描述
I am trying to update an attribute after finding the object. 
我尝试在找到对象后更新属性。 Have tried out different cases. 尝试了不同的情况。
My creation code: 我的创建代码:
using (var pkcs11 = new Pkcs11(@"C:\SoftHSM2\lib\softhsm2.dll", AppType.SingleThreaded))
{
var slot = pkcs11.GetSlotList(SlotsType.WithTokenPresent)[0];
using (var session = slot.OpenSession(SessionType.ReadWrite))
{
session.Login(CKU.CKU_USER, "1111");
var objectAttributes = new List<ObjectAttribute>
{
new ObjectAttribute(CKA.CKA_CLASS, CKO.CKO_DATA),
new ObjectAttribute(CKA.CKA_TOKEN, true),
new ObjectAttribute(CKA.CKA_MODIFIABLE, true),
new ObjectAttribute(CKA.CKA_APPLICATION, txtTypeofData.Text),
new ObjectAttribute(CKA.CKA_LABEL,txtMsisdn.Text),
new ObjectAttribute(CKA.CKA_VALUE, "Data object content original " + DateTime.Now)
};
var result = session.CreateObject(objectAttributes);
session.Logout();
}
}
My modifying code is: 我的修改代码是:
using (Pkcs11 pkcs11 = new Pkcs11(@"C:\SoftHSM2\lib\softhsm2.dll", AppType.MultiThreaded))
{
var slot = pkcs11.GetSlotList(SlotsType.WithTokenPresent)[0];
using (Session session = slot.OpenSession(SessionType.ReadWrite))
{
session.Login(CKU.CKU_USER, "1111");
List<ObjectAttribute> objectAttributes = new List<ObjectAttribute>();
objectAttributes.Add(new ObjectAttribute(CKA.CKA_CLASS, CKO.CKO_DATA));
objectAttributes.Add(new ObjectAttribute(CKA.CKA_TOKEN, true));
objectAttributes.Add(new ObjectAttribute(CKA.CKA_APPLICATION, txtTypeofData.Text));
objectAttributes.Add(new ObjectAttribute(CKA.CKA_LABEL, txtMsisdn.Text));
objectAttributes.Add(new ObjectAttribute(CKA.CKA_MODIFIABLE, true));
var findA = session.FindAllObjects(objectAttributes);
if(findA != null && findA.Count > 0)
{
List<ObjectAttribute> objectAttributesNew = new List<ObjectAttribute>();
objectAttributesNew.Add(new ObjectAttribute(CKA.CKA_VALUE, "Data object content two changed " + DateTime.Now));
session.SetAttributeValue(findA[0], objectAttributesNew);
}
session.Logout();
}
}
2 个解决方案
解决方案1
2 已采纳 2019-03-18 21:12:40
The behavior you are observing seems to be specific to SoftHSM implementation. 您观察到的行为似乎是特定于SoftHSM实现的。 You can find following comment in its source code: 您可以在其源代码中找到以下注释 :
// NOTE: There is no mention in the PKCS#11 v2.40 spec that for a Data
// Object the CKA_VALUE attribute may be modified after creation!
// Therefore we assume it is not allowed to change the CKA_VALUE
// attribute of a Data Object.
解决方案2
0 2019-03-12 09:15:39
Check if CKA_MODIFIABLE is set to TRUE because this attribute indicates whether a Data Object is read-only or not. 检查CKA_MODIFIABLE是否设置为TRUE,因为此属性指示数据对象是否为只读。 CKA_MODIFIABLE is by default TRUE and can only be changed by copying the object. CKA_MODIFIABLE默认情况下为TRUE,并且只能通过复制对象进行更改。
Also, pay attention to this note from the PKCS#11 standard: 另外,请注意PKCS#11标准中的此注释:
attributes which Cryptoki specifies are modifiable may actually not be modifiable on some tokens.
So, it could be the case that the token is not allowing you to change the attribute and that it's not a problem from your code. 因此,可能是令牌不允许您更改属性,并且代码中没有问题。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.