FAQ
Hi there,

I am trying to use a pkcs11 library (with python 2.7) and address this
library with ctypes.
Alas, I am neither the python black belt guru and C is not my preferred
language.

Till now, I do not want to use pykcs11, since I want to keep my
dependencies low.

I initialized the library, logged in to the token and got a session
(self.hSession).

Now I try to create an AES key using C_CreateKey.

--snip--
def createAES(self, ks2):
rv=0
mechanism = CK_MECHANISM(CKM_AES_KEY_GEN, NULL, 0)
print "Mech:",mechanism.mechanism
print "Mech:",mechanism.pParameter
print "Mech:",mechanism.usParameterLen

keysize = c_ulong(ks)
klass = CKO_SECRET_KEY
keytype = CKK_AES
label = "testAES"
ck_true = c_ubyte(1)
ck_false = c_ubyte(0)
objHandle = CK_OBJECT_HANDLE()

size=7

CK_TEMPLATE = CK_ATTRIBUTE * 6

template = CK_TEMPLATE(
CK_ATTRIBUTE(CKA_KEY_TYPE, c_void_p(keytype),0),
CK_ATTRIBUTE(CKA_LABEL, cast( label, c_void_p),
len( label )),
CK_ATTRIBUTE(CKA_VALUE_LEN,
cast(byref(keysize),c_void_p), sizeof(keysize) ),
CK_ATTRIBUTE(CKA_PRIVATE,
cast(byref(ck_false),c_void_p), sizeof(ck_false)),
CK_ATTRIBUTE(CKA_TOKEN,
cast(byref(ck_true),c_void_p), sizeof(ck_true)),
CK_ATTRIBUTE(CKA_SENSITIVE,
cast(byref(ck_true),c_void_p), sizeof(ck_true))
)

template_len = c_ulong(size)
print "Template: ", template
print "Template: ", len(template)
print "Handle:", objHandle
print "Handle:", type(addressof(objHandle))
rv = self.etpkcs11.C_GenerateKey(self.hSession,
addressof(mechanism),
addressof(template),
template_len,
objHandle)
print "rv=",rv
print "handle=",objHandle

if rv:
if self.debug: print "Failed to create key: " , rv
raise Exception("createAES - Failed to C_GenerateKey (%s):
%s" % (rv, pkcs11error(rv)) )
else:
if self.debug: print "created key successfully: %s" %
str(handle)
--snap--

Unfortunately I end up with a return value of 32, which means invalid
data -- I guess my template is not that, what is should be.

Any hint on this is highly appreciated.

Kind regards
Cornelius


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 259 bytes
Desc: OpenPGP digital signature
URL: <http://mail.python.org/pipermail/python-list/attachments/20120905/c40545d8/attachment.pgp>

Search Discussions

Related Discussions

Discussion Navigation
viewthread | post
posts ‹ prev | 1 of 1 | next ›
Discussion Overview
grouppython-list @
categoriespython
postedSep 5, '12 at 8:41p
activeSep 5, '12 at 8:41p
posts1
users1
websitepython.org

1 user in discussion

Cornelius Kölbel: 1 post

People

Translate

site design / logo © 2022 Grokbase