Hi! Kim Rasmussen:
With a *secure* smartcard, you will never be able to extract the private key.
I wasn't sure about that, I supposed that it would have been a very bad idea to extract the private key and store it in the hard disk, but I thought it could be possible. Thanks for the explanation.
Carsten Raskgaard:
The java source you quoted is from our support for the cdcard keystore which is not related in any way to a pkcs#11/smartcard keystore.
I thought that maybe a CdCard was related with SmartCards, so thanks. :) Now I am not sure what's happening: I found that the demo at http://www.openoces.org/demo/entrance_opensign.html actually reads my smartcard if I check the CAPI plugin with the last stable version of the Applet. On the other hand OpenSignX only reads the keys in the Windows keystore but NOT in the smartcard. So somewhere there is some code implemented to read the smartcard through CAPI, and if they say that that is possible with OpenSignX, what could I do to configure the applet like in the demo? I suppose that CAPI doesn't use pkcs#11... Then I think that there is at least one version, maybe not OpenSignX, that it is able somehow to sign with smartcards but only in Windows, and there isn't any version that it's able to do that without Windows, because there is no pkcs#11 support, am I right? And that's why Carsten said a pkcs#11 keystore would be interesting to implement?
_______________________________________________ Developer mailing list [email protected] https://www.openoces.org/mailman/listinfo/developer
