Hi Dod, 

> As I told you I am still learning about thoses Smartcards but it seems
> that  the  SmartCards  has  some  functions you can call, I tested one
> called  "random number generator", but it also can make authentication
> key  calculation  and I suppose this is why the private key cannot not
> be  extracted  but  only  "used by the card" when you call some of its
> functions to compute some encryption or crypto key validation.

A brief look at the STunnel source code shows that they _get the private
key by a call to ENGINE_load_private_key() which returns a pointer to
an EVP_PKEY structure which is the private key. 
How do you exactly setup STunnel? Also please post any command line you
used to export the certificate and the private key with OpenSSL.exe.  

> I  know  the  card  I  use  has a signature and a authentication X.509
> certificate  that  I  can  access,  but  it  do  not have a encryption
> certificate

Certificates are issued for a one or multiple purposes, that's true.
And each purpose added, makes CAs happy since you have to pay for it.
> I am also looking into some other PKCS11 code and sample to try to see
> how I could integrate to ICS if my knowledge and skills permit it.

Which ICS version are you using?

Arno Garrels 

To unsubscribe or change your settings for TWSocket mailing list
please goto http://lists.elists.org/cgi-bin/mailman/listinfo/twsocket
Visit our website at http://www.overbyte.be

Reply via email to