[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Question about generating key pair (urgent)

To: imc-pfl@xxxxxxx
Subject: Re: Question about generating key pair (urgent)
From: cranem@xxxxxxxxxx
Date: Fri, 20 Aug 1999 17:23:09 -0500
List-archive: <http://www.imc.org/imc-pfl/mail-archive/>
List-unsubscribe: <mailto:imc-pfl-request@imc.org?body=unsubscribe>
Sender: owner-imc-pfl@xxxxxxx


Rahim,

The RSA algorithm is not shipped with the Jonah reference code.  We have done
testing with it internally,
but PKIX compliant implementations must support DSA, and not RSA.  To be able to
use RSA, you would
have to have an RSA crypto plug in under CDSA (the reference code only has one
that does DSA now,
which is why you can't actually do any RSA crypto operations).  IBM Keyworks
ships such a plug in, but by
itself this has not been tested with Jonah.

My suggestion might be to try a smart card that supports DSA keys & crypto,
which would be the easiest way to
make progress, and keep your work PKIX compliant.

Regards,
Mike Crane
IBM Austin


Rahim.LAJNEF@xxxxxxxxxxx on 08/18/99 02:06:12 AM

To:   imc-pfl@xxxxxxx
cc:
Subject:  Question about generating key pair (urgent)









     Hi every one,

      could you please let me have the following information :

     -When I run the Scinit program with either the 'C' or 'R' argument, it
     seemed be good: the object stores and the tokens (VSC) are
     successfully initialized and the Key pair are generated with the DSA's
     Algorithms.
     But I'm using a real smart card that support only RSA's Algorithms, so
     I need to generate RSA Key pair. To do this, I use the scinit program
     with [RSA] parameter, I got an error in the MSDOS Command prompt :
     " error ** of generating Keypair" ( I've tried this several times with
     either the Virtual or the Real Smart Card, always with the same result
     (error...)

     -Other error using the Java GUI :when I create a request, I can't
     select RSA Algorithm, In fact, there is only "id-dsa" as the algorithm
     for certificate.Is it natural?
     And when I attempted to validate or to approve the certificate at the
     CA, I got an error that said: "The specified Signature Algorithm is
     not Supported by this server's policy" [CA CREATE CERTIFICATE ERROR]
     So my question is :

        1) IS the RSA Algorithm supported by Jonah? and if it's the case
           How can I do to use it ? or have you any idea what went wrong?
           Because there are all the code source implementing the RSA
           Algorithm, and also they are specified in the INI.files ?

        2) Once the certificate is generated, I can't edit it, So is there
           any tool enable us to Parse this certificate.

     Thanks for your help

     Rahim



 ----------------------------------------------------------------
 INFORMATION    AUTOMATIC VIRUS CHECK (GEMPLUS)   No virus known.
 ----------------------------------------------------------------

Prev by Date: Question about generating key pair (urgent)
Next by Date: Re: Question about generating key pair (urgent)
Previous by thread: Question about generating key pair (urgent)
Next by thread: Re: Question about generating key pair (urgent)
Index(es):
- Date
- Thread