Hi, thanks for you reply.
What I do is:
1. generate a RSA key pair using C_GenerateKeyPair with the following
template:
64 CK_ATTRIBUTE publicKeyAttr[] = {
65
66 {CKA_TOKEN, &true_, sizeof(true_)},
67 {CKA_ENCRYPT, &true_, sizeof (true_)},
68 {CKA_VERIFY, &true_, sizeof (true_)},
69 { CKA_MODULUS_BITS, &pModulus, sizeof (pModulus ) },
70 { CKA_PUBLIC_EXPONENT, pExponent, sizeof ( pExponent ) }
71
72 };
73
74 /* private key attribute */
75 CK_ATTRIBUTE privateKeyAttr[] = {
76
77 {CKA_TOKEN, &true_, sizeof(true_)},
78
79 {CKA_DECRYPT, &true_, sizeof (true_)},
80 {CKA_SIGN, &true_, sizeof (true_)},
81 {CKA_EXTRACTABLE, &true_, sizeof (true_)},
82 {CKA_NEVER_EXTRACTABLE, &false_, sizeof (true_)}
83
84 };
When the C_GenerateKey return Could I be export public and private key and
put both in two different files?
And If I want to import the previously exported key what should I have to
do?
Sorry for my incompentece, but this is my first experience working with
pkcs11.. I have a lot to learn.
thanks in advance.
-eg
On Fri, Jul 10, 2009 at 3:58 PM, Douglas E. Engert <deeng...@anl.gov> wrote:
>
>
> erbalibera erbalibera wrote:
>
>> Hi guys,
>> pkcs11 documentation , says that C_CreateObject could be used to
>> create a key object. In the documention example, the key template is
>>
>> CK_BYTE modulus[] = {...};
>>
>> CK_ATTRIBUTE keyTemplate[] = {
>>
>> {CKA_CLASS, &keyClass, sizeof(keyClass)},
>>
>> {CKA_KEY_TYPE, &keyType, sizeof(keyType)},
>>
>> {CKA_WRAP, &true, sizeof(true)},
>>
>> {CKA_MODULUS, modulus, sizeof(modulus)},
>>
>> {CKA_PUBLIC_EXPONENT, exponent, sizeof(exponent)}
>>
>> };
>>
>>
>>
>> Must the modulus CK_BYTE array to be fill with the modulus of one
>> pre-generate key ( maybe one public rsa key that I ve created and now I want
>> to import in the token ) or what else?
>>
>
> I would speculate that you have to have the modulus and exponent.
>
> You may also want to look at the C_GenerateKeyPair, if you want the token
> to
> create the key pair. It returns the handles to the private and public keys.
>
> I don't know if this is supported by OpenSC or by what cards.
>
>
>> thanks in advance
>> -eg
>>
>>
>> ------------------------------------------------------------------------
>>
>> _______________________________________________
>> opensc-devel mailing list
>> opensc-devel@lists.opensc-project.org
>> http://www.opensc-project.org/mailman/listinfo/opensc-devel
>>
>
> --
>
> Douglas E. Engert <deeng...@anl.gov>
> Argonne National Laboratory
> 9700 South Cass Avenue
> Argonne, Illinois 60439
> (630) 252-5444
>
_______________________________________________
opensc-devel mailing list
opensc-devel@lists.opensc-project.org
http://www.opensc-project.org/mailman/listinfo/opensc-devel
