Hi all, I've been trying to make more use of our smartcards, but I think I am missing the point some how. What I would like to do is: a) encrypt some data, by means of one of my private keys on my smartcard someone else should be able to decrypt it with the public key on my certificate.
b) let someone else encrypt some data, by means of my public key on my certificate. I should be able to decrypt it with one of my private keys on my smartcard. I speak in plural about keys/certificates, cause we have different pairs for authentication/non-repodiation/etc So first I load the engine: OpenSSL> engine dynamic -pre SO_PATH:/usr/lib/engines/engine_pkcs11.so -pre ID:pkcs11 -pre LIST_ADD:1 -pre LOAD -pre MODULE_PATH:/usr/lib/libaetpkss.so.3.0 (dynamic) Dynamic engine loading support [Success]: SO_PATH:/usr/lib/engines/engine_pkcs11.so [Success]: ID:pkcs11 [Success]: LIST_ADD:1 [Success]: LOAD [Success]: MODULE_PATH:/usr/lib/libaetpkss.so.3.0 Loaded: (pkcs11) pkcs11 engine OpenSSL> And next I try to encrypt something: OpenSSL> OpenSSL> enc -base64 -in /root/data.txt -out file.txt.enc -engine pkcs11 engine "pkcs11" set. OpenSSL> OpenSSL> enc -d -aes-256-cbc -a -in file.txt.enc -engine pkcs11 engine "pkcs11" set. enter aes-256-cbc decryption password: error in enc OpenSSL> I presume, I'll have to specify which private-key (and PIN), although "-k 41" or "-k 43" does not work either, neither does "-key id_43" Am I missing something, or is this just not possible? Hans ______________________________________________________________________ Dit bericht kan informatie bevatten die niet voor u is bestemd. Indien u niet de geadresseerde bent of dit bericht abusievelijk aan u is toegezonden, wordt u verzocht dat aan de afzender te melden en het bericht te verwijderen. De Staat aanvaardt geen aansprakelijkheid voor schade, van welke aard ook, die verband houdt met risico's verbonden aan het elektronisch verzenden van berichten. This message may contain information that is not intended for you. If you are not the addressee or if this message was sent to you by mistake, you are requested to inform the sender and delete the message. The State accepts no liability for damage of any kind resulting from the risks inherent in the electronic transmission of messages. _______________________________________________ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel
