Hi all, I am totally new to this topic and stuck with this simple issue. Please, provide me with any ideas / recommendations.
The issue: 0. Windows 7. OpenSC is not available. The text is pretty short (<=48 symbols). 1. I have a PIV card with its Key Management Key Certificate. At the moment, this certificate uses EC keys (other algorithms are allowed by NIST SP 800-73). 2. I can download KMK packed with BER-Tlv (there is a set of data with other parts). 3. The certificate itself can be successfully extracted with ASN1_get_object(). 4. I can create some 'certificate' in openssl: BIO* pMemoryBIO = BIO_new_mem_buf((void*)pData, lLength); if(!pMemoryBIO) { return -1; } X509* pCertificate = d2i_X509_bio(pMemoryBIO, NULL); if(!pCertificate) { return -1; } But... What should I use then? I can understand neigher how to use this pCertificate for packing the text nor if I do it totally wrong. Is it correct that OpenSSL can distinguish algorithms used by certificates (RSA, ECDH) by itself, so there is a magic way to encrypt something with any valid certificate provided? Does this call of d2i_X509_bio() create a correct certificate? Many thanks, Max Ushakov -- View this message in context: http://old.nabble.com/How-to%3A-read-a-certificate-from-PIV-smart-card%2C-encode-some-text-with-its-public-key--tp32941067p32941067.html Sent from the OpenSSL - Dev mailing list archive at Nabble.com. ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org