[prev in list] [next in list] [prev in thread] [next in thread]
List: bouncycastle-crypto-dev
Subject: Re: [dev-crypto] Re: limitation in bouncy castle
From: Tomas Gustavsson <tomasg () primekey ! se>
Date: 2008-02-27 8:45:54
Message-ID: 47C52342.7030405 () primekey ! se
[Download RAW message or body]
Perhaps I am missunderstanding everything, but I'll at least explain
what I mean with crypto middle-ware below.
With regards to your problem perhaps you can post the code that
generates the keys and the pkcs12 that fails to import in windows?
I have never had any problems using 1024, 2048 or even 4096 bit RSA keys
in pkcs12 files in windows (although I prefer to use GNU/Linux).
It was RSA keys right?
Crypto-middleware:
When you use a piece of cryptographic hardware such as:
- A smart card
- A Hardware Security Module (HSM) like nCipher, SafeNet Luna, etc.
The private key is stored in the hardware and can not be copied to the
computer. All cryptographic operations involving the private key is done
in the piece of cryptographic hardware.
So if you use Java the crypto middle-ware usually show up as a JCE
Provider which you can use, or a PKCS#11 library that you can use with
the PKCS#11 Provider build into every JDK >= 1.5.
When you get a PrivateKey object from such a provider you can not write
that private key to a file and import it somewhere else, because the
PrivateKey object is just a reference to the internal private key inside
the crypto hardware. This is why you call decrypt functions in BC with a
provider argument, so the BC api actually passes the PrivateKey object
to the middle-ware provider where the actually cryptographic operation
is taking place.
As I said, maybe this has nothing to do with your case, but since you
mentioned crypto hardware I though of this possibility.
Regards,
Tomas
Ayman wrote:
> Hello All,
>
>
>
> Yes, I changed the public key exponent from a small one to a large one
> then the problem appears.
>
>
>
> With respect to "crypto middle-ware" I don't know really what is it?
>
> Is it really important when using large public key exponents?
>
>
>
> Thanks so much
>
> Ayman
>
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic