Comments (2)
Let me first clearly answer your question: BouncyCastle is all you need.
BouncyCastle works out-of-the-box only with the cryptographic keys that can be exposed into the host memory. However one must not forget that BouncyCastle is general purpose cryptographic library and if you are willing to do a little extra work on lower level APIs you can use it also with the keys that cannot be exposed in the host memory. In your case you would need to use BouncyCastle (low level APIs) to create X.509 structure and then use PKCS#11 library for a low level signature. This approach requires you to do more coding and to have much deeper understanding of X.509, ASN.1 and related technologies but it certainly can be done.
BTW I am little confused of your PKCS#11 related posts here [1] and on stackowerflow [1] [2] [3] and I am failing to understand what is your goal with this technology. Maybe you could share more high level details of your project so I can better understand your needs? Feel free to drop me an e-mail to [email protected] if you don't want to discuss it publicly.
from pkcs11interop.
Lets say the fact that I'm trying to deploy an opensource office signature based on your library. :) something like officeblackbox(https://www.eldos.com/sbb/desc-office.php) but opensourced.
I've fully understood the ooxml signature standard method myself And so far based on the current questions and answers and deep investigations in office xml standards docs, I was able to produce a valid signature by using a PKCS#12 file(importing the key from existing certificate) but still I couldn't generate a certificate from token(which is the last requirement).
Now lets continue the discussion in the emails.
Oh and btw thanks for your contribution btw
from pkcs11interop.
Related Issues (20)
- Private key is not in certificate
- Method C_OpenSession returned CKR_CRYPTOKI_NOT_INITIALIZED
- Pkcs11Interop is not supported on this platform HOT 25
- Missing attribute CKA_NAME_HASH_ALGORITHM
- problem in Pkcs11Interop with new dll from epass 2003
- CKR_OPERATION_NOT_INITIALIZED in multithreaded application
- Missing param represents object handle
- Method C_Login returned CKR_SESSION_HANDLE_INVALID
- Incorrect CK_VERSION string value
- Get Key Value From HSM
- Not able to use C_Sign with yubikey PIV slot with CKA_ALWAYS_AUTHENTICATE HOT 5
- Linux : NativeULong as System.UInt32 causes error while accessing CK_GCM_PARAMS structure from PKCS11 standards HOT 2
- mac os compile problem MAUI .net core 7.0 how to fix ?
- SafeNet Data Objects HOT 7
- ComputeDigest/CreateDigestInfo - with newest Pkcs11Interop - how to ?
- C_Sign returned CKR_OPERATION_NOT_INITIALIZED in multithreaded application
- C_Encrypt with AES mechanism always returns with CKR_GENERAL_ERROR HOT 1
- C_FindObjects does return with nothing while running application in docker
- C_FindObjects does return with nothing while running application in docker HOT 3
- session.Decrypt returning garbage characters appended in PKCS#11 Multipart Decryption with Pkcs11Interop v 4.x.x
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from pkcs11interop.