
RE: [iaik-ssl]cu|| Retrieving Public Key from Smart Card



Hi Karl,

Thanks for your response. It is fine that I will save the public key
in this situation, but I do not want to ever save the private key
outside the smart card. Now I want to send some information to the
smart card which is signed by the private key, and then verify it
with the public key saved in, say, a database [which I would have
done when I generated the key pair]. In this case I will definitely
have to search for the private key so that I get the key handle for
the private key and then pass it to the encrypt and/or sign methods.
What do you suggest in that case?

Best Regards
Nick
--- Karl Scheibelhofer <Karl.Scheibelhofer@iaik.at> wrote:
> hi Nick,
> 
> > -----Original Message-----
> > From: iaik-ssl-owner@iaik.at [mailto:iaik-ssl-owner@iaik.at]
> > On Behalf Of Nick Karamer
> > Sent: Thursday, April 11, 2002 12:43 PM
> > To: iaik-ssl@iaik.at
> > Subject: [iaik-ssl]cu|| Retrieving Public Key from Smart Card
> >
> >
> > Hi all,
> >
> > I am successful in generating a key pair on the smart
> > card through my application code. In fact I had to use the
> > C_XXXX functions of the wrapper class PKCS11 directly. Now
> > I want to do the following:
> >
> > 1- Retrieve Public Key
> > 2- Retrieve Private Key to send the handle of that for
> > signing.
> 
> the method C_GenerateKeyPair returns the handle of the generated
> public key and the private key.
> you do not need to search for them.
> 
> > 
> > I have written the following code to find the key:
> >
> >       long[] slotIDs_ = __pkcs11.C_GetSlotList(true);
> >       token_ = slotIDs_[0];
> >       session_ = __pkcs11.C_OpenSession(token_,
> >           PKCS11Constants.CKF_SERIAL_SESSION | PKCS11Constants.CKF_RW_SESSION,
> >           null, null);
> >       __pkcs11.C_Login(session_, PKCS11Constants.CKU_USER, str_UserPIN.toCharArray());
> >       System.out.println("The Smart Card is Logged in with New User");
> >       System.out.println("Going to get Public Key the User --- " + str_UserPIN);
> >       // set the search template for the public key
> >       int i_KeyLength = 1024; // change it
> >       RSAPublicKey rsaPublicKeyTemplate = new RSAPublicKey();
> >       rsaPublicKeyTemplate.getId().setByteArrayValue(a_strKeyId.getBytes());
> >       rsaPublicKeyTemplate.getModulusBits().setLongValue(new Long(i_KeyLength));
> >       rsaPublicKeyTemplate.getToken().setBooleanValue(Boolean.TRUE);
> >       byte [] publicKeyExponentBytes = {0x01 , 0x00, 0x01};
> >       rsaPublicKeyTemplate.getPublicExponent().setByteArrayValue(publicKeyExponentBytes);
> >       Vector publikKeyAttributes = rsaPublicKeyTemplate.getSetAttributes();
> >       CK_ATTRIBUTE [] publicKeyAttList = null;
> >       if (publikKeyAttributes!=null && publikKeyAttributes.size()> 0)
> >       {
> >         publicKeyAttList = new CK_ATTRIBUTE[publikKeyAttributes.size()];
> >         for (int i_Index=0; i_Index < publikKeyAttributes.size(); i_Index++)
> >         {
> >           publicKeyAttList[i_Index] = (CK_ATTRIBUTE)publikKeyAttributes.get(i_Index);
> >         }
> >         System.out.println("Total Attributes are " + publikKeyAttributes.size());
> >       }
> >       __pkcs11.C_FindObjectsInit(session_, publicKeyAttList);
> >       long [] keysFound = __pkcs11.C_FindObjects(session_, 100);
> >       __pkcs11.C_FindObjectsFinal(session_);
> >       System.out.println("Total Attributes are after finding " + publicKeyAttList.length);
> >       System.out.println("Total Keys Found are " + keysFound.length);
> > 
> > 
> > These were the attributes which I had set when I
> > created the key pair, and it was created with success.
> > Now everything goes fine, but the function
> > C_FindObjects returns 0 key handles. Also if I
>
> as written above, you get the handles from the key-pair generation
> directly.
>
> > get some key, then how would I convert it to a PublicKey
> > to be used in JCE? I have tried this code with
> > providing only the KeyId attribute, but the result remains
> > the same. Please help.
> 
> use something like
>
>       RSAPublicKey exportableRsaPublicKey = (RSAPublicKey) generatedKeyPair[0];
>       BigInteger modulus = new BigInteger(1,
>           exportableRsaPublicKey.getModulus().getByteArrayValue());
>       BigInteger publicExponent = new BigInteger(1,
>           exportableRsaPublicKey.getPublicExponent().getByteArrayValue());
>       RSAPublicKeySpec rsaPublicKeySpec = new RSAPublicKeySpec(modulus, publicExponent);
>       KeyFactory keyFactory = KeyFactory.getInstance("RSA");
>       java.security.interfaces.RSAPublicKey javaRsaPublicKey =
>           (java.security.interfaces.RSAPublicKey) keyFactory.generatePublic(rsaPublicKeySpec);
> 
> regards
> 
>   Karl
> 
> --
> 
> Karl Scheibelhofer, <mailto:Karl.Scheibelhofer@iaik.at>
> Institute for Applied Information Processing and Communications (IAIK)
> at Graz University of Technology, Austria,
> http://www.iaik.at and http://jcewww.iaik.at
> Phone: (+43) (316) 873-5540
> 


--
Mailinglist-archive at http://jcewww.iaik.at/mailarchive/iaik-ssl/sslthreads.html
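
Added example, not part of the original thread and not IAIK's code: the verification side of the flow discussed above, using only the JDK. It rebuilds a JCE public key from the modulus and exponent bytes as they would be stored in a database and checks a signature against it. The class and method names are hypothetical, the card is replaced by a constructed software key pair, and it assumes the card signs with RSA PKCS#1 v1.5 over SHA-256 (JCE name `SHA256withRSA`).

```java
import java.math.BigInteger;
import java.nio.charset.StandardCharsets;
import java.security.*;
import java.security.interfaces.RSAPublicKey;
import java.security.spec.RSAPublicKeySpec;
import java.util.Arrays;

public class VerifyCardSignature {
    // PKCS#11 big-integer attributes are unsigned big-endian bytes without a sign
    // byte, so the leading 0x00 that BigInteger.toByteArray() may add is dropped.
    static byte[] unsigned(BigInteger v) {
        byte[] b = v.toByteArray();
        return (b.length > 1 && b[0] == 0) ? Arrays.copyOfRange(b, 1, b.length) : b;
    }

    // Rebuild a JCE public key from the two byte arrays kept in the database.
    static PublicKey fromStored(byte[] modulus, byte[] exponent) throws GeneralSecurityException {
        // signum 1 forces a positive value; new BigInteger(modulus) would come out
        // negative when the top bit is set, as it is for a full-length RSA modulus.
        return KeyFactory.getInstance("RSA").generatePublic(
                new RSAPublicKeySpec(new BigInteger(1, modulus), new BigInteger(1, exponent)));
    }

    static boolean verify(PublicKey key, byte[] data, byte[] sig) throws GeneralSecurityException {
        Signature v = Signature.getInstance("SHA256withRSA");
        v.initVerify(key);
        v.update(data);
        return v.verify(sig);
    }

    public static void main(String[] args) throws Exception {
        // Constructed stand-in for the card: a software key pair. On a real token the
        // private key never leaves the card; only the signature bytes come back.
        KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA");
        kpg.initialize(2048);
        KeyPair card = kpg.generateKeyPair();
        RSAPublicKey pub = (RSAPublicKey) card.getPublic();
        byte[] storedModulus = unsigned(pub.getModulus());          // "database" column
        byte[] storedExponent = unsigned(pub.getPublicExponent());  // "database" column
        byte[] data = "constructed sample message".getBytes(StandardCharsets.UTF_8);
        Signature s = Signature.getInstance("SHA256withRSA");
        s.initSign(card.getPrivate());
        s.update(data);
        byte[] sig = s.sign();
        PublicKey fromDb = fromStored(storedModulus, storedExponent);
        System.out.println("valid signature:  " + verify(fromDb, data, sig));
        data[0] ^= 1; // tamper with the message; verification must now fail
        System.out.println("tampered message: " + verify(fromDb, data, sig));
    }
}
```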
