Re: [OCF] Certificate requests

Mon, 09 Oct 2000 00:23:31 -0700 

Hi,

The java.security package included in the JDK 1.2 API is mainly designed 
for source code protection.
Most cryptography functionalities are in the Java Cryptography Extension.
Take a look at this : http://java.sun.com/products/jce/index.html.

I hope this might help.
                                 Nicolas.

At 13:23 05/10/00 -0300, you wrote:



>Hi, folks.
>I am new to OCF and smart cards, but I already have a big assignment on 
>them. I
>am trying to devise a process in which a client receives an empty smart 
>card and
>"initializes" his/her card through the Internet on a server. The idea is 
>that a
>web page downloads an applet on the client and the applet generates (or 
>asks the
>card to generate) a key pair (if the card generates it, better) and the applet
>generates a PKCS#10 CSR (certificate signing request) and sends it to the 
>server
>to sign. Then the server signs it and returns a complete certificate that the
>applet asks the card to store.
>The problem is, the Java 1.2.2 APIs don't seem to have anything similar to 
>a CSR
>class or generator. I think I saw something about a sun.security package that
>would have it. Also keytool can do it on a command line, but I would rather do
>it inside the applet. I am coming to the conclusion that I will have to 
>create a
>CSR "by hand", i.e. following the PKCS#10 recipe, and ASN.1 DER seems so
>complicated! Any help appreciated. Also please point out any security flaws
>anyone sees in the process.
>Regards,
>Douglas
>
>
>
>
>---
> > Visit the OpenCard web site at http://www.opencard.org/ for more
> > information on OpenCard---binaries, source code, documents.
> > This list is being archived at http://www.opencard.org/archive/opencard/
>
>! To unsubscribe from the [EMAIL PROTECTED] mailing list send an email
>! to
>!                           [EMAIL PROTECTED]
>! containing the word
>!                           unsubscribe
>! in the body.



---
> Visit the OpenCard web site at http://www.opencard.org/ for more
> information on OpenCard---binaries, source code, documents.
> This list is being archived at http://www.opencard.org/archive/opencard/

! To unsubscribe from the [EMAIL PROTECTED] mailing list send an email
! to
!                           [EMAIL PROTECTED]
! containing the word
!                           unsubscribe 
! in the body.

Reply via email to