I have a mozilla NSSDB PKCS11, it includes one of three things.
Certificates, keys, and SecretKeyEntry. I would like to know the content of
a SecretKeyEntry with the alias "StoreXKey". Firstly, is extracting the
plaintext of a SecretKeyEntry possible? I seem to think so because of
links: https://technosock.blogspot.com/2007/12/token-knowledge.html and
https://docs.oracle.com/javase/8/docs/api/java/security/KeyStore.SecretKeyEntry.html#getSecretKey
First link gives a way to do it ( which doesn't work for me ) the second
link gives us a few methods, namely .getEncoded() which can supposedly be
called on a SecretKeyEntry to get the byte array information.
Here is my code thus far, all results hit a null pointer exception when
using the getEncoded message. I am sure the SecretKeyEntry exists in the
NSSDB.
String configFile = "config.cfg";
Provider provider = Security.getProvider("SunPKCS11"); // I am confused on
how to incorporate the config file as well.
/* provider = provider.configure(configFile); // Does not work */
Security.addProvider(provider);
String defaultPIN = "--.--.--.--.----.-...-.--";
try{
KeyStore ks = KeyStore.getInstance("PKCS11");
ks.load(null, defaultPIN.toCharArray());
KeyStore.SecretKeyEntry skEntry = (KeyStore.SecretKeyEntry)
ks.getEntry("StoreXKey",null); // Do I need a password protector here?
System.out.println(new String(skEntry.getSecretKey().getEncoded())); <--
Error is thrown here.
}catch (Exception e){ e.printStackTrace(); }
Any help / advice or links are appreciated.
--
You received this message because you are subscribed to the Google Groups
"dev-tech-crypto@mozilla.org" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to dev-tech-crypto+unsubscr...@mozilla.org.
To view this discussion on the web visit
https://groups.google.com/a/mozilla.org/d/msgid/dev-tech-crypto/ee327174-46a8-4392-a3a5-8fdf76b3c984n%40mozilla.org.
