66 742D696E 632E636F 6D310B30 09060355 04061302 55533114
30120603 55040A13 0B456C65 6374726F 736F6674 310C300A 06035504 0B13034C
6162311C 301A0603 55040313 13436872 69737469 616E2042 6F6E6769 6F726E6F
DN: [EMAIL PROTECTED], C=US,
O=Electrosoft, OU=Lab, CN=Christian Bongiorno
CKA_
Arshad,
I found out that it was a client authentication issue. The client wasn't
correctly decrypting the challenge. Which brings me to another question
I will be asking this groups shortly.
Christian
http://christian.bongiorno.org/
___
dev-tech-cry
I attempt to access a web page that requires a client certificate. I get
prompted for which cert to use, I select it, and then I get a blank
page. I look at the page source, and nothing. This happens on several
pages with the same server. I don't get an error message or anything
What does that
> I don't know what went wrong here.
>
> Wan-Teh
>
Yeah, me neither. As far as the selection of certs goes in the UI, If I
select a cert that has key usage of 'Digital Signature, Non-Repudiation
(c0)' for signing, it prompts me if I would like to also use it for
encryption. Obviously this cert
I am seeing some behavior from Thunderbird that I cannot explain. I have
a PIV card with 3 certs on it -- all of which are suppose to be meant
for different things. Thunderbird correctly sees the one applicable for
digital signature, and correctly sees the one for encryption. 2 things:
Wheneve
Can someone shed some light on this:
I am trying to load firefox in my debugger and I get these exceptions
over and over and the browser window never shows:
First-chance exception at 0x7c812a5b in firefox.exe: Microsoft C++
exception: XML::XmlObject @ 0x0013e338.
First-chance exception at 0x7
Ok, nevermind, I got it -- 1 byte, just 1-- was out of place in my
padding! Now it verifies. Thanks for your help just the same.
Christian Bongiorno wrote:
Bob,
I am being asked for CKM_RSA_PKCS -- I am PKCS 1.5 encoding the input
for encryption, the result I get back already is 128 bytes
ata should be
returned back to TB --
Thanks for your help
Christian
Bob Relyea wrote:
Christian Bongiorno wrote:
I am currently trying to sign some data in tbird and the signature is
not valid.
The incoming data I get (C_Sign()) is an ASN1_STRING of the SHA1 hash
of the message. Curre
I am currently trying to sign some data in tbird and the signature is
not valid.
The incoming data I get (C_Sign()) is an ASN1_STRING of the SHA1 hash of
the message. Currently, I am encrypting the whole thing and returning
raw data back.
Should I be decoding the ASN1 input, encrypting the h
Bob,
It turns out I was not correctly encoding the CKA_VALUE attribute of the
certificate. I had assumed it was correctly encoded from the card and I
was wrong. Once I fixed that, it just worked!
Nils Larsch, from the opensc group, had this to say:
--
The CKA_VALUE attribute of a cer
xC (12)]
020A610A 3EAE 0018
CKA_SUBJECT [size : 0x9F (159)]
30819C31 2D302B06 092A8648 86F70D01 0901161E 63626F6E 67696F72 6E6F4065
6C656374 726F736F 66742D69 6E632E63 6F6D310B 30090603 55040613 02555331
0B300906 03550408 13025641 310F300D 06035504 07130652
Well, My thanks to both of you -- I made both changes and it actually
works! with regard to ulMaxSessionCount == 1 being a special case --
looking more in that code it turns out that condition is only used to
help determine if the session is RW. So, I made all suggested changes
and now it works
I am currently developing a PKCS11 module for a new card and I am seeing
some strange behavior: For some reason, thunderbird continually repeats
the same 7 functions over and over eventhough it "installs" the module
successfully. Most of them are just "getInfo" functions but it also
continues t
13 matches
Mail list logo
