If I use PK11_GenerateKeyPair with isPerm and isSensitive parameters set to FALSE, then I understand that the key is extractable (not tied to a token): how does one then extract the actual private key value from the object returned, which is of type SECKEYPrivateKey?
-- POC
