7 Čec
2022
7 Čec
'22
9:14
Hello Daniel,
I've just realised that the maximum PKCS#11 key
label length probably isn't enough to cover all possible zone names.
Understood.
I'm having a devil of a time (i.e. I'm finding it impossible) to associate key
files created on a Thales Security World with the zones they're used for. Admittedly
this is not often necessary, but I would like to be able to identify the key files
themselves.
Some devices are limited to 32 characters.
Object 449:
URL: pkcs11:model=;manufacturer=nCipher%20Corp.%20Ltd;serial=xxx;\
token=YYY;\
id=%04%66%D0%9C%0D%9E%24%D9%79%0A%17%D3%5D%A0%CC%5A%3F%E2%A3%26;\
type=public
Type: Public key (RSA-2048)
Label:
ID: 04:66:d0:9c:0d:9e:24:d9:79:0a:17:d3:5d:a0:cc:5a:3f:e2:a3:26
The ID is that which `keymgr list' displays (with colons in it), but the label
is empty.
Would it be possible for Knot to actually set the label so the key identifier used by
Knot, i.e. for above example set it to: 0466d09c0d9e24d9790a17d35da0cc5a3fe2a326, maybe
truncating it on devices which limit the field to a smaller number of characters?
Best regards,
-JP