Hi all,
I am totally new to this topic and stuck with this simple issue. Please,
provide me with any ideas / recommendations.
The issue:
0. Windows 7. OpenSC is not available. The text is pretty short (<=48
symbols).
1. I have a PIV card with its Key Management Key Certificate. At the moment,
this certificate uses EC keys (other algorithms are allowed by NIST SP
800-73).
2. I can download KMK packed with BER-Tlv (there is a set of data with other
parts).
3. The certificate itself can be successfully extracted with
ASN1_get_object().
4. I can create some 'certificate' in openssl:
BIO* pMemoryBIO = BIO_new_mem_buf((void*)pData, lLength);
if(!pMemoryBIO) {
return -1;
}
X509* pCertificate = d2i_X509_bio(pMemoryBIO, NULL);
if(!pCertificate) {
return -1;
}
But... What should I use then? I can understand neigher how to use this
pCertificate for packing the text nor if I do it totally wrong.
Is it correct that OpenSSL can distinguish algorithms used by certificates
(RSA, ECDH) by itself, so there is a magic way to encrypt something with any
valid certificate provided?
Does this call of d2i_X509_bio() create a correct certificate?
Many thanks,
Max Ushakov
--
View this message in context:
http://old.nabble.com/How-to%3A-read-a-certificate-from-PIV-smart-card%2C-encode-some-text-with-its-public-key--tp32941067p32941067.html
Sent from the OpenSSL - Dev mailing list archive at Nabble.com.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List openssl-dev@openssl.org
Automated List Manager majord...@openssl.org
