Hi Sebastien (and everybody else)!

On 16.02.2010 15:37, Sebastien Pouliot wrote:
> On Tue, 2010-02-16 at 15:17 +0100, Mathias Tausig wrote:
>> [...].
>
>> The best concept that I could
>> make up so far, was to write a PKCS#11 wrapper and then subclass RSA.
>
> Yep, that's the right thing to do.
>
> Sebastien
>

I have done that now (and no, I have not written a PKCS#11 wrapper in the course of 2 days, I had already started the work before), but I am facing a slight problem.

In Mono's implementation of X509Certificate2, when the key is accessed via the PrivateKey property, the ExportParameters method of AsymmetricAlgorithm is invoked (see http://anonsvn.mono-project.com/viewvc/tags/mono-2-6-1/mcs/class/System/System.Security.Cryptography.X509Certificates/X509Certificate2.cs , line 213).

When I implemented my Pkcs11RsaKey class, derived from RSA, I chose to throw a CryptographicException whenever ExportParameters(true) is called (since there is no possibility to actually read the private parameters off a token). But if I do so, X509Certificate2.PrivateKey returns null and the whole HTTPS login process fails.

Since you wrote the whole Cryptographic namespace, maybe you could shed some light on why this call to ExportParameters is necessary. Do you see any workaround for this, apart from simply returning the public parameters from ExportParameters(true), as I have done now, to make it work as a proof of concept?

cheers
Mathias
