[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [iaik-ssl]cu|| [iaik-jce] SSL- Certificateverify using H/W HSM + iSaSiLk



have a look at the AEP hardware integration for iSaSiLk. it is on our
web-page
http://jcewww.iaik.tu-graz.ac.at/download/evaluation/index.php#AepSslInt
egration.
you can use it as template. the only thing you need to modify is the
AEPRSACipher class. you need to override the method 
  
  byte[] engineDoFinal(byte[], int, int)

rather than 

  byte[] rawCrypt(byte[])

the engineDoFinal method will receive this 36 byte input, which is a
concatenation of a MD5 and a SHA-1 hash.
CertificateVerify will use this implementation, if you register it as
shown in the demo for AEP hardware.

regards

  Karl

--

Karl Scheibelhofer, <mailto:Karl.Scheibelhofer@iaik.at>
Institute for Applied Information Processing and Communications (IAIK)
at Graz University of Technology, Inffeldgasse 16a, 8010 Graz, Austria,
http://www.iaik.at and http://jcewww.iaik.at


-----Original Message-----
From: iaik-jce-owner@iaik.at [mailto:iaik-jce-owner@iaik.at] On Behalf
Of Asad
Sent: Monday, May 20, 2002 11:14 AM
To: iaik-jce@iaik.at; iaik-ssl@iaik.at
Subject: [iaik-jce] SSL- Certificateverify using H/W HSM + iSaSiLk


Hi all,

I want to use HSM module for "Certificateverify" ( SSL handshake
message) message creation at SSL Client.
This involves 

      Raw  Signing of 36 bytes ( Hashed one) on HSM card. NO HASHING IS
DONE on the message to be signed and Data to be encrypted using pvt key
( signing) is 36 bytes NOT 16 OR 20.

How do i integrate iSaSilk with HSM (Hardware Security Module) in such
scenarioes.


Any solution for the above problem.


Thanx in advance

Asad

--
Mailinglist-archive at http://jcewww.iaik.at/mailarchive/iaik-ssl/sslthreads.html

To unsubscribe send an email to listserv@iaik.at with the folowing content: UNSUBSCRIBE iaik-ssl