Re: smart card private key
- From: Sylvain <noSpam@xxxxxxxx>
- Date: Thu, 17 Jan 2008 11:25:25 +0100
alessiobiancheri@xxxxxxxxx wrote on 17/01/2008 10:52:
Hi everybody,
I would like to retrieve private key information from a smart card
using pkcs11 functions.
[...]
Now, it's possible to retrieve information about the private key and
fill a PRIVATEKEYBLOB structure? It's the right thing to do for insert
the private key in the system keystore?
- a PRIVATEKEYBLOB is not a PKCS#11 structure (but a CSP one)
- a private key is exportable only if its CKA_EXTRACTABLE attribute is set (and CKA_NEVER_EXTRACTABLE not set)
- inserting a smartcard private key into a system keystore is a nonsense (the cert associated with the key shall be present in the cert store to allow an application to use the right CSP but the key stays in the smartcard - also note that this is required to use the key-pair with a CSP interface, a PKCS#11 based application has nothing to do with the user/system store).
Sylvain.
.
- Follow-Ups:
- Re: smart card private key
- From: alessiobiancheri@xxxxxxxxx
- Re: smart card private key
- References:
- smart card private key
- From: alessiobiancheri@xxxxxxxxx
- smart card private key
- Prev by Date: smart card private key
- Next by Date: Re: smart card private key
- Previous by thread: smart card private key
- Next by thread: Re: smart card private key
- Index(es):
Relevant Pages
|
