Hi all,

I am totally new to this topic and stuck with this simple issue. Please,
provide me with any ideas / recommendations.

The issue:

0. Windows 7. OpenSC is not available. The text is pretty short (<=48
1. I have a PIV card with its Key Management Key Certificate. At the moment,
this certificate uses EC keys (other algorithms are allowed by NIST SP
2. I can download KMK packed with BER-Tlv (there is a set of data with other
3. The certificate itself can be successfully extracted with

4. I can create some 'certificate' in openssl:

                BIO* pMemoryBIO = BIO_new_mem_buf((void*)pData, lLength);
                if(!pMemoryBIO) {
                        return -1;
                X509* pCertificate = d2i_X509_bio(pMemoryBIO, NULL);
                if(!pCertificate) {
                        return -1;

But... What should I use then? I can understand neigher how to use this
pCertificate for packing the text nor if I do it totally wrong.

Is it correct that OpenSSL can distinguish algorithms used by certificates
(RSA, ECDH) by itself, so there is a magic way to encrypt something with any
valid certificate provided?

Does this call of d2i_X509_bio() create a correct certificate?

Many thanks,
Max Ushakov
View this message in context: 
Sent from the OpenSSL - Dev mailing list archive at Nabble.com.
OpenSSL Project                                 http://www.openssl.org
Development Mailing List                       openssl-dev@openssl.org
Automated List Manager                           majord...@openssl.org

Reply via email to