Hi,
I have a PKCS#11 module, and I want to support key wrapping and
unwrapping, to export a private key in a PKCS#12 file.
I don't understand how I can get the wrapping key that Netscape passes
to my C_WrapKey function. Indeed, the handle is not a valid handle in
my token (i.e. no object exists with this handle for my module).
In the other case, for the Unwrapping function, Netscape call the
C_CreateObject
function of my PKCS#11 module before calling my C_UnWrapKey. Then
Netscape passes to my C_UnWrapKey() the handle to the secret key object
it has just created with my module. So for unwrapping, I can get the
unwrapping key.
But for the wrapping, Netscape doesn't call my C_CreateObject before
calling my
C_WrapKey. As I understand it, may be the handle to the wrapping key
refers to the Netscape softtoken, because it hasn't called my
C_CreateObject.
Have you experienced this problem ? Could it be a bug of my Netscape
version ( I use Communicator 4.75 on Win98). Is there a way to access
the secret key in Netscape key database ?
I tried to see if the behavior of Netscape 6 is different. I can create
certificate in my token databse, but nothing happen when I click on the
button "Backup" (which is "Export" I guess).
Could you give me some information about this problem ?
Thanks,
Etienne
