Hi
Can anyone tell me why the attached test program failed with
CKR_ATTRIBUTE_VALUE_INVALID error? Is CKO_DATA supported?
What I am trying to do is to generate a lot of wrapped keys on
one machine, save them in softtoken keystore, and then transfer
the keystore to another machine(probably having different
architecture) and retrieve those wrapped keys. I want to save
those wrapped keys as CKO_DATA objects, but it seems that object
type is not supported? Do I have to use regular files for this?
Thanks,
Raymond
-------------- next part --------------
/*
* To compile it:
* cc -o test test.c -lpkcs11 -lcryptoutil
*
* To run it:
* ./test
*/
#include <stdio.h>
#include <string.h>
#include <fcntl.h>
#include <assert.h>
#include <security/cryptoki.h>
int create_obj (CK_SESSION_HANDLE);
int create_obj (CK_SESSION_HANDLE sess) {
CK_OBJECT_CLASS class = CKO_DATA;
CK_UTF8CHAR label[] = "A data object";
CK_UTF8CHAR app[] = "Test App";
CK_BYTE data[] = "This is data";
CK_BBOOL true = CK_TRUE;
CK_ATTRIBUTE template[] = {
{CKA_CLASS, &class, sizeof(class)},
{CKA_TOKEN, &true, sizeof(true)},
{CKA_LABEL, label, sizeof(label)-1},
{CKA_APPLICATION, app, sizeof(app)-1},
{CKA_VALUE, data, sizeof(data)}
};
CK_OBJECT_HANDLE obj;
CK_RV rv;
rv = C_CreateObject(sess, template, 5, &obj);
if (rv != CKR_OK) {
printf("Failed (%s)!\n", pkcs11_strerror(rv));
exit (1);
}
}
int main (int argc, char *argv[]) {
CK_SLOT_ID slots[1];
CK_ULONG n_slots = sizeof (slots) / sizeof (CK_SLOT_ID);
CK_SESSION_HANDLE session;
int session_flags;
CK_RV rv;
rv = C_Initialize(NULL_PTR);
assert(rv == CKR_OK);
rv = C_GetSlotList(CK_TRUE, slots, &n_slots);
assert(rv == CKR_OK);
assert(n_slots == 1);
session_flags=CKF_SERIAL_SESSION | CKF_RW_SESSION;
rv = C_OpenSession(slots[0], session_flags, NULL, NULL, &session);
assert(rv == CKR_OK);
rv=C_Login(session, CKU_USER, (CK_UTF8CHAR_PTR)"changeme", 8);
assert(rv == CKR_OK);
create_obj(session);
rv = C_CloseSession(session);
assert(rv == CKR_OK);
exit(0);
}
