Hi,
Usually, the PKCS11 engine is used to access a smart card or an HSM
which don't offer the possibility of exporting a private key. So, in
this case, it's not feasible.
More generally, you can check if a pkcs11 object is exportable by
reading the attributes CKA_EXTRACTABLE, CKA_NEVER_EXTRACTABLE and
CKA_ALWAYS_SENSITIVE.
Cheers,
--
Mounir IDRASSI
IDRIX
http://www.idrix.fr
venkat naidu wrote:
hi
all,
i have a query related to PKCS11
can we export the private key retrieved from PKCS11 ? ( here we are
storing the private key using the PKCS11 functionalities )
if so how can we do that ? any such operation will voilate any standrads ?
Thanks for all your help
regards
Venkat
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List openssl-dev@openssl.org
Automated List Manager [EMAIL PROTECTED]
