[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [iaik-jce] PKCS11 and iaik - Private Key Conversion



Our RSA code cannot know what to do with your PKCS#11 key. You need to
provide your own implementation of the RSA cipher or signature in order to
use it within the IAIK JCE.

 Andreas Sterbenz              mailto:Andreas.Sterbenz@iaik.at


----- Original Message -----
From: "Diego Pietralunga" <diego@ltt.it>
To: "Iaik-Jce (E-mail)" <iaik-jce@iaik.at>
Sent: Thursday, November 16, 2000 10:41 AM
Subject: [iaik-jce] PKCS11 and iaik - Private Key Conversion


> Hello,
>
> I'm working in a project involving digital signature using smart cards.
> I use IBM's PKCS11 classes (com.ibm.pkcs11) to access the token.
> Now that I've made the card perform some operations,I'd like to verify the
> results;specifically,I've performed SHA/RSA and
> MD5/RSA  signatures.
> The keys are generated on-board.
> If I try to use:
>
>   Signature sha_rsa = Signature.getInstance("SHA/RSA");
>
>   sha_rsa.initSign(  (PrivateKey ) rsaPrivateKey  );
>
>   sha_rsa.update(strToBeSigned.getBytes());
>
>   byte [] sha_rsa_signature = sha_rsa.sign();



***************************************************************************
*                                                                         *
* IAIK S/MIME Mapper Security Info                                        *
* ===================================                                     *
*                                                                         *
* for message:                                                            *
*   From: "Andreas Sterbenz" <Andreas.Sterbenz@iaik.at>                   *
*   Date: Tue, 21 Nov 2000 14:20:27 +0100                                 *
*   Subject: Re: [iaik-jce] PKCS11 and iaik - Private Key Conversion      *
*                                                                         *
* Message S/MIME properties:                                              *
*                                                                         *
*   Encrypted using:    not encrypted                                     *
*                                                                         *
*   Digitally signed:   yes                                               *
*   Signature valid:    yes                                               *
*   Signature trusted:  yes                                               *
*                                                                         *
*                                                                         *
* Compliance with policy for email addresses *@iaik.at:                   *
*                                                                         *
*   Encryption:         OK (None or better required)                      *
*                                                                         *
*   Digital Signature:  OK (digital signature required)                   *
*                                                                         *
***************************************************************************