[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [iaik-ssl]cu|| Generate Keypair on Smart Card or Import p12 file into Smart Card

hi Nick,

> -----Original Message-----
> From: iaik-ssl-owner@iaik.at [mailto:iaik-ssl-owner@iaik.at] 
> On Behalf Of Nick Karamer
> Sent: Friday, April 05, 2002 9:05 AM
> To: iaik-jce@iaik.at; iaik-ssl@iaik.at
> Subject: [iaik-ssl]cu|| Generate Keypair on Smart Card or 
> Import p12 file into Smart Card
> Hi all,
> I can now access smart card using IAIK pkcs11 wrapper
> in my java application. I want to generate a key pair
> on smart card which would be later used for signing
> and verification. but the function GenerateKeyPair in
> class Session returns an exception
> iaik.pkcs.pkcs11.wrapper.PKCS11Exception:
> aik.pkcs.pkcs11.wrapper.PKCS11Implementation.C_GenerateKeyPair(Native
> Method)
> 	at
> iaik.pkcs.pkcs11.Session.generateKeyPair(Session.java:1193)
> 	at
> demo.pkcs.pkcs11.GenerateKeyPair.main(GenerateKeyPair.java:124)
> Please note that when i use the same function for HSM
> token like Chrysalis, it works fine.

different PKCS#11 tokens require different attributes on the key
templates to be set.
if you give the token a key template that has 'encryption' set to true,
your token may reject it with CKR_ATTRIBUTE_TYPE_INVALID. try to set
only those attributes that you really need. some attributes are
required. you can see it in the PKCS#11 standard which attributes of
e.g. RSA private and public keys you have to set when calling
C_GenerateKeyPair. try e.g.

      // set the attributes for the public key
      byte[] publicExponentBytes = {0x01, 0x00, 0x01};

      // set the attributes for the private key
      RSAPrivateKey rsaPrivateKeyTemplate = new RSAPrivateKey();

> 2- Second problem is that i want to import p12 file
> into Smart card through my application. Any help on
> this ?

the demo demo.pkcs.pkcs11.DownloadPrivateKey does exactly this.




Karl Scheibelhofer, <mailto:Karl.Scheibelhofer@iaik.at>
Institute for Applied Information Processing and Communications (IAIK)
at Graz University of Technology, Austria, http://www.iaik.at and
Phone: (+43) (316) 873-5540

Mailinglist-archive at http://jcewww.iaik.at/mailarchive/iaik-ssl/sslthreads.html

To unsubscribe send an email to listserv@iaik.at with the folowing content: UNSUBSCRIBE iaik-ssl