My comments below...
----------
Trust, but verify.
- Anonymous
>-----Original Message-----
>From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
>Sent: Wednesday, October 11, 2000 11:24 PM
>To: [EMAIL PROTECTED]
>Cc: [EMAIL PROTECTED]
>Subject: RE: [OCF] Certificate requests
>
>
>
>
>Thanks for your answer, Mohammed. I am doing my tests with GPK 4000 and GPK
>8000 cards. GPK 4000 has 6 manuals full of instructions, but this looks
>much like assembly programming.
>Do I have to assemble APDUs to send to the card myself
>or are there any ready calls in OCF that I can use to generate
>keys, get public key out of the card, store certificates inside the card
>and sign data.
OCF provides you API for
(1)generation of key pairs
(2)signing
(3)store certificates(just store the DER encoded stuff in some transparent/binary file)
(4)fetch public key - I don't know whether OCF provides this a one step process. But a
simple work around will be reading 'a' record(to be precise 2 records, for N and E)
from the PK file.
The attached program generates a key pair, signs some data and verifies the signature.
>Also, I am a little confused by the file naming scheme. Are
>there any well-known file names under which I should store my certificate
>or is it just a matter of conventioning some file for my application?
Its upto the application. There is no restriction as such. There is just a
'recommendation' that the DF should be named as XY00 and all its EFs should be
christened as XYab.
>I have read the manuals for GPK and they talk about master file, dedicated
>files and elementary files, and these can be of various types.
>Could you clarify this some more to me?
The file types are explained very elaborately in the reference manuals. Please go thru
them, and if you have any specific query, please let me know.
Test.java
