You're code looks correct.
To be accurate, there is no "public modulus". The modulus is the same for
both the public and private key, and is therefore simply referred to as the
modulus.
I assume that you've also set:
template[0].type = CKA_MODULUS;
template[1].type = CKA_PUBLIC_EXPONENT;
Have you checked that the bytes of template[0].pValue and template[1].pValue
(and the lengths template[0].ulValueLen and template[1].ulValueLen) match
EXACTLY the bytes stored in the CKA_MODULUS and CKA_PUBLIC_EXPONENT
attributes of the key on the smartcard? I guess it would be possible for
the CKA_PUBLIC_EXPONENT to be a full 32-bit value (4 bytes) even when it
only contains 3 significant bytes, and if BN_bn2bin returns only 3 bytes
then the C_FindObjects wont find a match.
Steven
--
Steven Reddie <[EMAIL PROTECTED]>
Senior Software Engineer
OpenDirectory Lab, Computer Associates Pty Ltd (Australia)
> -----Original Message-----
> From: Nenad Tomasic [SMTP:[EMAIL PROTECTED]]
> Sent: Friday, January 19, 2001 12:20 AM
> To: [EMAIL PROTECTED]
> Subject: smartcard / openssl integration +PKCS11
>
> Hello ,
>
> I have an RSA-key pair with the corresponding certificate in a smartcard.
>
> I wanted to retrieve the values of the public modulus and the public
> exponent of the
> public key to assign the values in a search template , and then to use the
> search template
> in the PKCS11-Methods
> C_FindObjectsInit and C_FindObjects to get a handle to the private key.
>
> But something went wrong, it didn't find an object at all, it matched only
> when in my
> search-template was just the the public modulus.
>
> Does anyone has an idea?
>
> thanx
>
> nenad tomasic
>
>
>
>
>
> pN = publicKey->pkey.rsa->n; /*public Modulus as a *BIGNUM*/
> pE = publicKey->pkey.rsa->e; /*public exponent as a *BIGNUM*/
>
> pModulus = malloc(BN_num_bytes(pN));
> pExponent = malloc(BN_num_bytes(pE));
>
> template[0].pValue = pModulus;
> template[1].pValue = pExponent;
>
> template[0].ulValueLen = BN_bn2bin(pN, template[0].pValue);
> template[1].ulValueLen = BN_bn2bin(pE, template[1].pValue);
>
> rv = tokenInfo.pFunctionList->C_FindObjectsInit(hSession, template, 2);
> if(rv != CKR_OK) {
> return NULL;
> }
>
> rv = tokenInfo.pFunctionList->C_FindObjects(hSession, phPrivKey, 1,
> &ulObjectCount);
> if(rv != CKR_OK) {
> return NULL;
> }
>
>
> ==> ulObjectCount == 0
>
> --
>
> +---------------------------------------------------------------------+
> | Nenad Tomasic Roentgenstr. 22 Phone: +41 1-272 6111 |
> | AdNovum Informatik CH-8005 Zuerich Fax: +41 1-272 6312 |
> | |
> | AdNovum Software Inc. San Mateo, CA 94404 Voice: (650) 525-9322 |
> | 1400 Fashion Island Boulevard #309 Fax: (650) 525-9324 |
> +---------------------------------------------------------------------+
> | E-MAIL : <mailto:[EMAIL PROTECTED]> |
> | <http://www.adnovum.ch> |
> +---------------------------------------------------------------------+
>
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
