How to get the KCV (Key Check Value)

You must sign in to post in the forums.
5/10/2011 9:29:26 PM
magodalespaul
Gravatar
Total Posts 8
View Posts

How to get the KCV (Key Check Value)

Hi,

 

 

I have some stored keys in my HSM, i need to return the KCV from these keys, i need to select this keys in the Slot and return the KCV from they.

 

 

 

Thanks so much

5/11/2011 12:30:18 AM
Ugo Chirico
Gravatar
Total Posts 300
View Posts
Ugo Chirico http://www.ugochirico.com

Re: How to get the KCV (Key Check Value)

Hi,

the key attribute that returns the KCV is CKA_CHECK_VALUE.

You must get an instance of the key by using the Find method and then you simple have to read the value of the attribute CKA_CHECK_VALUE.

To do that you need a general knowledge on how to use NCryptoki. Read the documentation and the wiki.

5/11/2011 1:32:28 PM
magodalespaul
Gravatar
Total Posts 8
View Posts

Re: How to get the KCV (Key Check Value)

Could you give me an example????

 

 

Thanks

5/11/2011 5:16:03 PM
magodalespaul
Gravatar
Total Posts 8
View Posts

Re: How to get the KCV (Key Check Value)

I did this

     CryptokiCollection templateFind = new CryptokiCollection();

     templateFind.Add(new ObjectAttribute(ObjectAttribute.CKA_CLASS, CryptokiObject.CKO_SECRET_KEY));
     templateFind.Add(new ObjectAttribute(ObjectAttribute.CKA_LABEL, "testeNovoTim"));

     CryptokiCollection objects = session.Objects.Find(templateFind, 10);

     if (objects.Count > 0)
     {
          foreach (Object obj in objects)
          {
          Console.WriteLine(((SecretKey)obj).Label);
          Console.ReadLine();
     }
     SecretKey secretKey;
     secretKey = (SecretKey)objects[objects.Count - 1];
     Console.WriteLine(secretKey.???);

}

 

Where is the ??? is because i cant find how to get the Check_Value, i can get the Label, ID, if is Private or Not, but dont have any option to return the KCV.

 

If you can help i will be gratefull.

5/11/2011 7:09:45 PM
Ugo Chirico
Gravatar
Total Posts 300
View Posts
Ugo Chirico http://www.ugochirico.com

Re: How to get the KCV (Key Check Value)

Very good!

You miss only this line:

Console.WriteLine(secretKey.Attributes[CKA_CHECK_VALUE].Value];

 

5/11/2011 8:36:10 PM
magodalespaul
Gravatar
Total Posts 8
View Posts

Re: How to get the KCV (Key Check Value)

Thanks,

 

But when i try this, return to me an error n. 18.

 

 

I using C# right now.

5/12/2011 11:57:54 AM
Ugo Chirico
Gravatar
Total Posts 300
View Posts
Ugo Chirico http://www.ugochirico.com

Re: How to get the KCV (Key Check Value)

Error 18 stands for CKR_ATTRIBUTE_TYPE_INVALID (the error codes are defined in the class CryptokiException).

This error comes from the underlying PKCS#11 module. Maybe the native (unmanaged) PKCS#11 that you are using doesn't support this attribute (check that in the documentation of your PKCS#11 module).
if so (i.e. the underlying PKCS#11 cannot calculate the KCV) you may do it by yourself by reading this document
 

Regards,

Ugo

You must sign in to post in the forums.