Method: PKCS11::Session#C_DeriveKey

Defined in:

lib/pkcs11/session.rb

#C_DeriveKey(mechanism, base_key, template = {}) ⇒ PKCS11::Object Also known as: derive_key

Derives a key from a base key, creating a new key object.

Examples:

Derive a AES key by XORing with some derivation data

deriv_data = "\0"*16
new_key = session.derive_key( {CKM_XOR_BASE_AND_DATA => {pData:  deriv_data}}, secret_key,
  CLASS: CKO_SECRET_KEY, KEY_TYPE: CKK_AES, VALUE_LEN: 16, ENCRYPT: true )

Parameters:

• mechanism (Hash, Symbol, Integer, PKCS11::CK_MECHANISM) —

  used mechanism

• base_key (PKCS11::Object) —

  key to derive

• template (Hash) (defaults to: {}) —

  Attributes of the object to create.

Returns:

• (PKCS11::Object) —

  key object of the new created key.

# File 'lib/pkcs11/session.rb', line 718

def C_DeriveKey(mechanism, base_key, template={})
  obj = @pk.C_DeriveKey(@sess, to_mechanism(mechanism), base_key, to_attributes(template))
  Object.new @pk, @sess, obj
end