I've made this operation (wrap the key) with sensitive keys.
Is there a way to do also with <span data-scayt_word="unextractable" data-scaytid="5">unextractable key? My final goal is to export the key from one <span data-scayt_word="hsm" data-scaytid="11">hsm to another and this can be the <span data-scayt_word="fastet" data-scaytid="22">fastet method.
Can you help me?
(this forum is read, but only few person write.. I hope to receive some answers)
if the key is marked as <span data-scayt_word="Unextractable" data-scaytid="2">Unextractable you cannot extract it in any way.
if it is not, you can extract it by using <span data-scayt_word="WrapKey" data-scaytid="6">WrapKey to export the key and <span data-scayt_word="UnwrapKey" data-scaytid="13">UnwrapKey to import it in the other <span data-scayt_word="HSM" data-scaytid="24">HSM.
Refer to <span data-scayt_word="PKCS" data-scaytid="25">PKCS#11 specifications to know more on <span data-scayt_word="C_WrapKey" data-scaytid="31">C_WrapKey and <span data-scayt_word="C_UnwrapKey" data-scaytid="36">C_UnwrapKey
My key I have to export is
NEVER_EXTRACTABLE=FALSE
EXTRACTABLE=FALSE
what does it mean? Can I or not?
Here further details: http://security.stackexchange.com/questions/105257/export-key-from-an-hsm-to-import-in-another-invalid-data-encoding