Hi all!
I have some questions for you.
1)
I have a public key card (Opencard Democard or MFC4.0) and I'm using
OCF1.1. I'm using the card for
generating signatures on the card with the private key and validating
them outside the card with the public key (using the RSA algorithm for
digital signatures). Now, I would like to do the reverse, i.e encrypting
a message with the public key outside the card and decrypting that
message with the private key on the card (using the normal RSA
algorithm).
That should be possible since both algorithms are the same (only the
input is changed). Can I do this? I've tried it using a public key
outside the card to encrypt a message and then using the method
"signHash" in "opencard.opt.signature.SignatureCardService " to decrypt
the message, but I didn't succeed since the private key on the card
required hashing of the message (the encrypted message) and that would
ruin the message. This leads me to my other question...
2)
I'm trying to import a private key using the method "importPrivateKey"
but I have not succeeded. Why are two methods available for key import
(importPrivateKey and importAndValidatePrivateKey)? I get this error
message (truncated):
opencard.opt.service.CardServiceMissingCredentialsException: could not
find key 2
at
com.ibm.opencard.access.MFCSecurityHelper.lookupSignCredential(MFCSecurityHelper.java:182)
at
com.ibm.opencard.access.MFCPKAuthenticator.performAuthentication(MFCPKAuthenticator.java:169)
at
com.ibm.opencard.access.MFCSecureAccessor.executeCommand(MFCSecureAccessor.java:206)
What can I've done wrong? Can I use credentials in any way to solve my
problems, and in that case, how?
3)
I want to use the method "importAndValidatePrivateKey" (in
"opencard.opt.signature.KeyImportCardService") if the above doesn't
work. How do I create the signature that is required? I realize that
signature should be computed over the private key to be imported but I
don't know how!
Any help on this would be much appreciated!
/Martin Sigbj�rn
Visit the OpenCard Framework's WWW site at http://www.opencard.org/ for
access to documentation, code, presentations, and OCF announcements.
-----------------------------------------------------------------------------
To unsubscribe from the OCF Mailing list, send a mail to
"[EMAIL PROTECTED]" with the word "unsubscribe" in the BODY of the
message.
