And people expect to get a key pair on the token when using pkcs11-
tool to generate a key pair. As of now they only get the private key
since the public key is removed when the session closes.
If they want to save space and remove the public key then use pkcs11-
tool -b ...
12 mar 2009 kl. 22.23 skrev "Rickard Bondesson" <rickard.bondes...@iis.se
>:
True, the public key do take place. But you need the public to be able
to verify signatures (private keys do not have the verify attribute).
So you prefer that you create a temporary public key each time you
want to verify anything?
If you still do not want to create a public key token object, then you
have to rewrite some of the functions in pkcs11-tool that requires the
public key.
12 mar 2009 kl. 19.49 skrev "Alon Bar-Lev" <alon.bar...@gmail.com>:
> This is not required, as one can get this from private key
attributes
> or from the certificate.
> It just waste card storage...
> I read the message in reference, and I think that there should be a
> different solution for this
> without storing the public
>>
>>
>>
>>
>>
>>
_______________________________________________
opensc-devel mailing list
opensc-devel@lists.opensc-project.org
http://www.opensc-project.org/mailman/listinfo/opensc-devel
