我想使用 PKCS#11 兼容的加密 USB 令牌来生成 AES 密钥并在屏幕上显示其值。
为此,我想使用 IAIK PKCS#11 包装器。
我尝试通过 IAIK 包提供的示例生成密钥,但没有成功。密钥已生成,但我看不到任何密钥值。为了在屏幕上显示它,我应该怎么做才能看到键值?
这是我的代码:
Module pkcs11Module = null;
pkcs11Module = Module.getInstance("pkcs11.dll");
Session session = null;
pkcs11Module.initialize(null);
Slot[] slots = pkcs11Module.getSlotList(Module.SlotRequirement.TOKEN_PRESENT);
if (slots.length == 0) {
output_.println("No slot with present token found!");
throw new TokenException("No token found!");
}
Slot selectedSlot;
// slot 0
selectedSlot = slots[0];
Token token = selectedSlot.getToken();
session = token.openSession(Token.SessionType.SERIAL_SESSION, Token.SessionReadWriteBehavior.RW_SESSION, null, null);
session.login(Session.UserType.USER, "12345678".toCharArray());
Mechanism keyGenerationMechanism = Mechanism.get(PKCS11Constants.CKM_AES_KEY_GEN);
AESSecretKey aesKey = new AESSecretKey();
aesKey.getValueLen().setLongValue(new Long(32));
AESSecretKey aesKeyNew = (AESSecretKey) session.generateKey(keyGenerationMechanism, aesKey);
output_.println("the AES Key is: ");
output_.println(aesKeyNew.toString());
session.closeSession();
pkcs11Module.finalize(null);
结果如下:
the AES Key is:
Object Class: Secret Key
Token: false
Private: false
Modifiable: true
Label: <NULL_PTR>
Key Type: AES
ID: <NULL_PTR>
Start Date: <NULL_PTR>
End Date: <NULL_PTR>
Derive: true
Local: true
Key Generation Mechanism: CKM_AES_KEY_GEN
Allowed Mechanisms: <Attribute not present>
Sensitive: false
Encrypt: true
Decrypt: true
Sign: false
Verify: false
Wrap: true
Unwrap: true
Extractable: true
Always Sensitive: false
Never Extractable: true
Check Value: <Attribute not present>
Wrap With Trusted: <Attribute not present>
Trusted: <Attribute not present>
Wrap Template: <Attribute not present>
Unwrap Template: <Attribute not present>
Value (hex): <NULL_PTR>
Value Length (dec): 0
有值(十六进制):我想在屏幕上看到和显示。它是关于加密令牌的特定配置吗?当我使用不同的令牌时,我会看到这个值。