[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[iaik-jce] PKCS11 and iaik - Private Key Conversion



Hello,

I'm working in a project involving digital signature using smart cards.
I use IBM's PKCS11 classes (com.ibm.pkcs11) to access the token.
Now that I've made the card perform some operations,I'd like to verify the
results;specifically,I've performed SHA/RSA and
MD5/RSA  signatures.
The keys are generated on-board.
If I try to use:

  Signature sha_rsa = Signature.getInstance("SHA/RSA");

  sha_rsa.initSign(  (PrivateKey ) rsaPrivateKey  );

  sha_rsa.update(strToBeSigned.getBytes());

  byte [] sha_rsa_signature = sha_rsa.sign();

But when executed I get:

java.lang.ClassCastException: com.ibm.pkcs11.nat.NativePKCS11Object
	at
certificatecomposer2.NativePKCS11Test.manualRsaPkcs(NativePKCS11Test.java:63
4)
	at
certificatecomposer2.NativePKCS11Test.testToken(NativePKCS11Test.java:115)
	at certificatecomposer2.NativePKCS11Test.main(NativePKCS11Test.java:82)
Exception in thread "main"

rsaPrivateKey is a PKCS11Object obtained this way:

    int[] attrtypes3  = { PKCS11Object.CLASS,
			 PKCS11Object.KEY_TYPE,
			 PKCS11Object.LABEL,
			 PKCS11Object.SIGN };

    Object[] attrvalues3 = { PKCS11Object.PRIVATE_KEY,  // CLASS
			    PKCS11Object.RSA,             // KEY_TYPE
			    "myLabel",                           // LABEL
			    Boolean.TRUE };                  // SIGN

    session.findObjectsInit(attrtypes3, attrvalues3);
    PKCS11Object rsaPrivateKey = session.findObject();
    session.findObjectsFinal();


Can you give a hint about doing this test?

I've also tried to cast with :

iaik.security.rsa.RSAPrivateKey (compile-time error)

and

java.security.interfaces.RSAPrivateKey (run-time error)

More in general, are there any facilities in iaik to access/use/interface
with smart cards?

Best Regards,
	Diego Pietralunga






--
Mailinglist-archive at
http://jcewww.iaik.at/mailarchive/iaik-jce/jcethreads.html

To unsubscribe send an email to listserv@iaik.at with the folowing content:
UNSUBSCRIBE iaik-jce