[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [pkcs11] CKM_SEAL_KEY
On 7/3/2013 9:08 PM, Oscar K So Jr.
wrote:
Michael, Is this a trick question? The token controls the policy for the keys. If there are some keys that the underlying hardware won't emit (and that isn't the case with most HSMs I've seen - its controlled by the firmware/software for the HSM), then the hardware will emit an error code and that error code will propagate to the C_WrapKey as an appropriate PKCS11 error code. Probably CKR_KEY_NOT_WRAPPABLE. I would hope the documentation for the token would describe the conditions under which this would occur. Mike |
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]