[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [iaik-ssl]cu|| Retrieving Public Key from Smart Card



hi Nick,

> -----Original Message-----
> From: iaik-ssl-owner@iaik.at [mailto:iaik-ssl-owner@iaik.at] 
> On Behalf Of Nick Karamer
> Sent: Thursday, April 11, 2002 12:43 PM
> To: iaik-ssl@iaik.at
> Subject: [iaik-ssl]cu|| Retrieving Public Key from Smart Card
> 
> 
> Hi all,
> 
> I am successful in generating Key pair on the smart
> card through my application code. Infact i had to use
> C_XXXX functions od wrapper class PKCS11 directly. Now
> i want to do following
> 
> 1- Retreive Public Key
> 2- Retrieve Private Key to send the handle of that for
> signing.

the method C_GenerateKeyPair returns the handle of the generated public
key and the private key. 
you do not need to search for them.

> 
> I have written following code to find the Key
> 
>       long[] slotIDs_ = __pkcs11.C_GetSlotList(true);
>       token_ = slotIDs_[0];
>       session_ = __pkcs11.C_OpenSession(token_, 
> PKCS11Constants.CKF_SERIAL_SESSION | 
> PKCS11Constants.CKF_RW_SESSION, null, null);
>       __pkcs11.C_Login(session_,
> PKCS11Constants.CKU_USER, str_UserPIN.toCharArray());
>       System.out.println("The Smart Card is Logged in
> with New User");
>       System.out.println("Going to get Public Key the
> User --- " + str_UserPIN);
>       // set the search template for the public key
>       int i_KeyLength = 1024; // change it
>       RSAPublicKey rsaPublicKeyTemplate = new
> RSAPublicKey();
>      
> rsaPublicKeyTemplate.getId().setByteArrayValue(a_strKeyId.getBytes());
>      
> rsaPublicKeyTemplate.getModulusBits().setLongValue(new
> Long(i_KeyLength));
>      
> rsaPublicKeyTemplate.getToken().setBooleanValue(Boolean.TRUE);
>       byte [] publicKeyExponentBytes = {0x01 , 0x00,
> 0x01};
>      
> rsaPublicKeyTemplate.getPublicExponent().setByteArrayValue(pub
> licKeyExponentBytes);
>       Vector publikKeyAttributes =
> rsaPublicKeyTemplate.getSetAttributes();
>       CK_ATTRIBUTE [] publicKeyAttList = null;
>       if (publikKeyAttributes!=null && publikKeyAttributes.size()> 0)
>       {
>         publicKeyAttList = new
> CK_ATTRIBUTE[publikKeyAttributes.size()];
>         for (int i_Index=0; i_Index <
> publikKeyAttributes.size(); i_Index++)
>         {
>           publicKeyAttList[i_Index] =
> (CK_ATTRIBUTE)publikKeyAttributes.get(i_Index);
>         }
>         System.out.println("Total Attributes are " +
> publikKeyAttributes.size());
>       }
>       __pkcs11.C_FindObjectsInit(session_,
> publicKeyAttList);
>       long [] keysFound =
> __pkcs11.C_FindObjects(session_, 100);
>       __pkcs11.C_FindObjectsFinal(session_);
>       System.out.println("Total Attributes are after
> finding " + publicKeyAttList.length);
>       System.out.println("Total Keys Found are " +
> keysFound.length);
> 
> 
> These were the attributes which i had set when i
> created the key pair and it was created with success.
> Now everything goes fine but the function
> C_FindObjects returns 0 no of key handles. Also if i

as written above, you get the handles from the key-pair generation
directly.

> get some key then how would i convert it to PublicKey
> to be used in JCE. I have tried this code with
> providing only KeyId attribute but the result remains
> the same. Please help.

use something like

      RSAPublicKey exportableRsaPublicKey = (RSAPublicKey)
generatedKeyPair[0];
      BigInteger modulus = new BigInteger(1,
exportableRsaPublicKey.getModulus().getByteArrayValue());
      BigInteger publicExponent = new BigInteger(1,
exportableRsaPublicKey.getPublicExponent().getByteArrayValue());
      RSAPublicKeySpec rsaPublicKeySpec = new RSAPublicKeySpec(modulus,
publicExponent);
      KeyFactory keyFactory = KeyFactory.getInstance("RSA");
      java.security.interfaces.RSAPublicKey javaRsaPublicKey =
(java.security.interfaces.RSAPublicKey)
          keyFactory.generatePublic(rsaPublicKeySpec);

regards

  Karl

--

Karl Scheibelhofer, <mailto:Karl.Scheibelhofer@iaik.at>
Institute for Applied Information Processing and Communications (IAIK)
at Graz University of Technology, Austria, http://www.iaik.at and
http://jcewww.iaik.at
Phone: (+43) (316) 873-5540

--
Mailinglist-archive at http://jcewww.iaik.at/mailarchive/iaik-ssl/sslthreads.html

To unsubscribe send an email to listserv@iaik.at with the folowing content: UNSUBSCRIBE iaik-ssl