SoftHSMv2 - How to make created objects survive between sessions?
Question
- I open a session
- I create an AES key with a label by using C_CreateObject
- I can lookup the created object by label by using C_FindObjects.
- I close the session.
- I open a new session.
- I can no longer lookup the created object by label using C_FindObjects.
What am I doing wrong?
Thanks!
1 answers
solution1
0 2022-12-04 01:19:19
Two possibilities come to my mind:
- Per PKCS#11 2.40 ,
Only session objects can be created during a read-only session
Therefore the session of C_CreateObject needs to have been opened with the flags argument set to CKF_SERIAL_SESSION | CKF_RW_SESSION CKF_SERIAL_SESSION | CKF_RW_SESSION .
- The
pTemplateargment toC_CreateObjectneeds to include theCKA_TOKENattribute so that the newly created key would be a "token object" rather than a "session object".
In PKCS#11, a token object is persistent across sessions whereas a session object is ephemeral and would get dropped once the session is closed.
Hope this helps.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.
Related Question
Can't refer to EVP_DigestSign and EVP_DigestVerify when make check OSSLEDDSATests of Softhsmv2
how to read softhsm keys
How to Update particular Attribute after finding an object. getting error Method C_SetAttributeValue returned CKR_ATTRIBUTE_READ_ONLY
PKCS11 does not recognize new slot created in softhsm in runtime
Using a HSM to store 'master keys' - how?
How to parse certifcate/privateKey pair by using Crypto11
Related Tags