[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [iaik-ssl]cu|| [iaik-jce] SSL- Certificateverify using H/W HSM + iSaSiLk

have a look at the AEP hardware integration for iSaSiLk. it is on our
you can use it as template. the only thing you need to modify is the
AEPRSACipher class. you need to override the method 
  byte[] engineDoFinal(byte[], int, int)

rather than 

  byte[] rawCrypt(byte[])

the engineDoFinal method will receive this 36 byte input, which is a
concatenation of a MD5 and a SHA-1 hash.
CertificateVerify will use this implementation, if you register it as
shown in the demo for AEP hardware.




Karl Scheibelhofer, <mailto:Karl.Scheibelhofer@iaik.at>
Institute for Applied Information Processing and Communications (IAIK)
at Graz University of Technology, Inffeldgasse 16a, 8010 Graz, Austria,
http://www.iaik.at and http://jcewww.iaik.at

-----Original Message-----
From: iaik-jce-owner@iaik.at [mailto:iaik-jce-owner@iaik.at] On Behalf
Of Asad
Sent: Monday, May 20, 2002 11:14 AM
To: iaik-jce@iaik.at; iaik-ssl@iaik.at
Subject: [iaik-jce] SSL- Certificateverify using H/W HSM + iSaSiLk

Hi all,

I want to use HSM module for "Certificateverify" ( SSL handshake
message) message creation at SSL Client.
This involves 

      Raw  Signing of 36 bytes ( Hashed one) on HSM card. NO HASHING IS
DONE on the message to be signed and Data to be encrypted using pvt key
( signing) is 36 bytes NOT 16 OR 20.

How do i integrate iSaSilk with HSM (Hardware Security Module) in such

Any solution for the above problem.

Thanx in advance


Mailinglist-archive at http://jcewww.iaik.at/mailarchive/iaik-ssl/sslthreads.html

To unsubscribe send an email to listserv@iaik.at with the folowing content: UNSUBSCRIBE iaik-ssl