Hi,
We are using Cyberflex Access e-gate 32K cards from Schlumberger. The
pkcs#11 library that we are using is the one that they provide with the
cards. We are using windows 2000.
Regards,
Aintzane
Nils Larsch
<[EMAIL PROTECTED] Para: [EMAIL PROTECTED]
de> cc:
Enviado por: Asunto: Re: certificate request
owner-openssl-users@
openssl.org
02/09/2003 14:24
Por favor, responda
a openssl-users
Aintzane Armentia Diaz de Tuesta wrote:
> Hi all,
>
> We are trying to generate a certificate request following the
PKCS#10
> standard. We've read the example called mkreq.c, but we have a doubt.
>
> We have generated the key pair inside a smart card. If we want to read
the
> public key to generate the certificate request we can't read the value
of
> the key, we have to read the modulus and the exponent of the public
key.
> Once we've read these two values, what do we have to do? We've seen
how
> using the modulus and the exponent of the public key we can generate a
key
> pair, but in this case is that new private key the same as we
created
> inside the smart card? This must be imposible, so, we don't know what
to
> do. We want to generate only the public key, not both, the public one
and
> the private one. Thank you in advance,
If you can create pkcs1 signatures with the smartcard key you can
create the pkcs10 request (but you need a engine for the smartcard
to let OpenSSL use the smartcard for signature generation). If the
key can only decrypt messages you can't create a self-signed pkcs10
request. Btw: What smartcard (OS/PKCS15 ? etc.) do you use ?
Nils
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
