I'm using the Python PKCS (https://github.com/danni/python-pkcs11) library to unwrap some AES keys wrapped by another HSM. While the unwrapping process seems to work (no error from the library or in SoftHSM's debug logs), CKA_VALUE_LEN for these (256 bit) keys seems to be 0:

            example_unwrapping_test = example_wrapping_softhsm.unwrap_key(pkcs11.ObjectClass.SECRET_KEY, pkcs11.KeyType.AES, example_blob, mechanism=pkcs11.Mechanism.RSA_PKCS_OAEP, store=True, label='example-unwrapping-test', template={
            pkcs11.Attribute.SENSITIVE: False,
            pkcs11.Attribute.EXTRACTABLE: True,
        })
        except Exception as error:
            print(error)
            print(vars(error))
            raise
        print(example_unwrapping_test)
        print(len(example_unwrapping_test[pkcs11.Attribute.VALUE]))
        print(example_unwrapping_test[pkcs11.Attribute.VALUE_LEN])

<SecretKey label='example-unwrapping-test' id='' 0-bit AES>
32
0

The actual bytes of the test key are the right length (32) and do have the same value as the test key before it was wrapped.

The standard implies that, at least for RSA_OAEP, CKA_VALUE_LEN for these keys should come from the mechanism: "[T]he mechanism contributes only the CKA_CLASS and CKA_VALUE (and CKA_VALUE_LEN, if the key has it) attributes to the recovered key during unwrapping." I see this when unwrapping an AES key wrapped with CKM_AES_KEY_WRAP_PAD too.