How to query HSM slot for value "key handle" using (known) value "key label"

Question

Need to query HSM (in Python) using known values HSM "slot #", "key label" to obtain (unknown value) "key handle".

Any suggestions?

score 0 · Answer 1 · answered Jun 04 '19 at 23:31

0

You can use pkcs11.Session.get_key() to get unique object in HSM by label.

An example to get an AES key with label "Label":

with token.open(user_pin='1234', rw=True) as session:
    key = session.get_key(object_class=ObjectClass.SECRET_KEY, key_type=KeyType.AES, label="Label")

Use pkcs11.Session.get_objects() for more complex searches.

Note: You do not need the "key handle" value at all as you can perform operations using returned key object.

Good luck!

answered Jun 04 '19 at 23:31

vlp

7,811
2
23
51

Now why did I not see these references while searching the SAME documentation??? :) Nothing like a fresh set of eyes. Tremendous thanks! I will update post as soon as I get this working. – JHZK99 Jun 05 '19 at 15:12

score 0 · Answer 2 · answered Jun 11 '19 at 14:59

0

You put me on the right track. I ended up using c_find_objects_ex to grab the key handle and used slice to chop off the trailing "L" in the output. Thanks!

answered Jun 11 '19 at 14:59

JHZK99

1
1

How to query HSM slot for value "key handle" using (known) value "key label"

2 Answers2