Hi, thanks for you reply. What I do is:
1. generate a RSA key pair using C_GenerateKeyPair with the following template: 64 CK_ATTRIBUTE publicKeyAttr[] = { 65 66 {CKA_TOKEN, &true_, sizeof(true_)}, 67 {CKA_ENCRYPT, &true_, sizeof (true_)}, 68 {CKA_VERIFY, &true_, sizeof (true_)}, 69 { CKA_MODULUS_BITS, &pModulus, sizeof (pModulus ) }, 70 { CKA_PUBLIC_EXPONENT, pExponent, sizeof ( pExponent ) } 71 72 }; 73 74 /* private key attribute */ 75 CK_ATTRIBUTE privateKeyAttr[] = { 76 77 {CKA_TOKEN, &true_, sizeof(true_)}, 78 79 {CKA_DECRYPT, &true_, sizeof (true_)}, 80 {CKA_SIGN, &true_, sizeof (true_)}, 81 {CKA_EXTRACTABLE, &true_, sizeof (true_)}, 82 {CKA_NEVER_EXTRACTABLE, &false_, sizeof (true_)} 83 84 }; When the C_GenerateKey return Could I be export public and private key and put both in two different files? And If I want to import the previously exported key what should I have to do? Sorry for my incompentece, but this is my first experience working with pkcs11.. I have a lot to learn. thanks in advance. -eg On Fri, Jul 10, 2009 at 3:58 PM, Douglas E. Engert <deeng...@anl.gov> wrote: > > > erbalibera erbalibera wrote: > >> Hi guys, >> pkcs11 documentation , says that C_CreateObject could be used to >> create a key object. In the documention example, the key template is >> >> CK_BYTE modulus[] = {...}; >> >> CK_ATTRIBUTE keyTemplate[] = { >> >> {CKA_CLASS, &keyClass, sizeof(keyClass)}, >> >> {CKA_KEY_TYPE, &keyType, sizeof(keyType)}, >> >> {CKA_WRAP, &true, sizeof(true)}, >> >> {CKA_MODULUS, modulus, sizeof(modulus)}, >> >> {CKA_PUBLIC_EXPONENT, exponent, sizeof(exponent)} >> >> }; >> >> >> >> Must the modulus CK_BYTE array to be fill with the modulus of one >> pre-generate key ( maybe one public rsa key that I ve created and now I want >> to import in the token ) or what else? >> > > I would speculate that you have to have the modulus and exponent. > > You may also want to look at the C_GenerateKeyPair, if you want the token > to > create the key pair. It returns the handles to the private and public keys. > > I don't know if this is supported by OpenSC or by what cards. > > >> thanks in advance >> -eg >> >> >> ------------------------------------------------------------------------ >> >> _______________________________________________ >> opensc-devel mailing list >> opensc-devel@lists.opensc-project.org >> http://www.opensc-project.org/mailman/listinfo/opensc-devel >> > > -- > > Douglas E. Engert <deeng...@anl.gov> > Argonne National Laboratory > 9700 South Cass Avenue > Argonne, Illinois 60439 > (630) 252-5444 >
_______________________________________________ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel