[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

R: [iaik-jce] PKCS11 and iaik - Private Key Conversion

Well, I just wanted to VERIFY the results,so I found a work-around in the
I used SHA/RSA and MD5/RSA built-in functions,got the resulting byte
array,got the PUBLIC key from the smart card and made IAIK verify the
Actually, the difficult part was to make the (functionally equivalent)
"public keys" to match.
The one generated on the smart card is referred trough a PKCS11Object,while
IAIK wants a (Java)PublicKey!
Using IBM's library it's possible to export some "attributes"
and,specifically for the Public Key,the modulus and the exponent,which you
can then pass to iaik.security.rsa.RSAPublicKey(BigInteger
modulus,BigInteger public_exponent) to hava a key that IAIK accepts to

	Diego Pietralunga

-----Messaggio originale-----
Da: Andreas Sterbenz [mailto:Andreas.Sterbenz@iaik.at]
Inviato: marted́ 21 novembre 2000 14.20
A: Diego Pietralunga; Iaik-Jce (E-mail)
Oggetto: Re: [iaik-jce] PKCS11 and iaik - Private Key Conversion

Our RSA code cannot know what to do with your PKCS#11 key. You need to
provide your own implementation of the RSA cipher or signature in order to
use it within the IAIK JCE.

 Andreas Sterbenz              mailto:Andreas.Sterbenz@iaik.at

----- Original Message -----
From: "Diego Pietralunga" <diego@ltt.it>
To: "Iaik-Jce (E-mail)" <iaik-jce@iaik.at>
Sent: Thursday, November 16, 2000 10:41 AM
Subject: [iaik-jce] PKCS11 and iaik - Private Key Conversion

> Hello,
> I'm working in a project involving digital signature using smart cards.
> I use IBM's PKCS11 classes (com.ibm.pkcs11) to access the token.
> Now that I've made the card perform some operations,I'd like to verify the
> results;specifically,I've performed SHA/RSA and
> MD5/RSA  signatures.
> The keys are generated on-board.
> If I try to use:
>   Signature sha_rsa = Signature.getInstance("SHA/RSA");
>   sha_rsa.initSign(  (PrivateKey ) rsaPrivateKey  );
>   sha_rsa.update(strToBeSigned.getBytes());
>   byte [] sha_rsa_signature = sha_rsa.sign();

Mailinglist-archive at

To unsubscribe send an email to listserv@iaik.at with the folowing content: