Scribd Logo
Upload

Welcome to Scribd!

  • Creation of Public Key Object On The Etoken

    Uploaded by

    Даниил K
    5 views2 pages
    This document discusses the creation of public key objects on eTokens during the certificate enrollment process using CAPI. It notes that while the private key and certificate are created on the token, the public key object is not and instead the public key material can be extracted from the certificate. It provides two examples, the first being enrollment with MSCA which only creates private key and certificate objects, while the second is enrollment with Firefox which creates certificate, public key and private key objects.

    Original Description:

    Original Title

    17717 - Creation of public key object on the eToken

    Copyright

    © © All Rights Reserved

    Available Formats

    PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    This document discusses the creation of public key objects on eTokens during the certificate enrollment process using CAPI. It notes that while the private key and certificate are created on the token, the public key object is not and instead the public key material can be extracted from the certificate. It provides two examples, the first being enrollment with MSCA which only creates private key and certificate objects, while the second is enrollment with Firefox which creates certificate, public key and private key objects.

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    5 views2 pages

    Creation of Public Key Object On The Etoken

    Uploaded by

    Даниил K
    This document discusses the creation of public key objects on eTokens during the certificate enrollment process using CAPI. It notes that while the private key and certificate are created on the token, the public key object is not and instead the public key material can be extracted from the certificate. It provides two examples, the first being enrollment with MSCA which only creates private key and certificate objects, while the second is enrollment with Firefox which creates certificate, public key and private key objects.

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 2

    K

    Knowledge Base Article

    Document details – Creation of public key object on the eToken

    Publish Date -
    Revision – 1
    Author – Yoni Salman

    Classification
    Affected products – PKI Client, SAC, token.
    Keywords – Public key, token, CAPI,PKCS#11.

    Problem description: When enrolling certificate to the token with CAPI, the public key
    object is not restored on the token, and cannot be retrieve with PKCS#11 API.

    Problem solution: When enrolling certificate to a token with CAPI, 2 PKCS#11 objects are
    created on the token, the private key and the certificate.
    The PKCS#11 public key is not created on the token; the public key material is part of the
    certificate and can be extracted from the X509 certificate using MS helper functions or a
    deferent API that can extract the public material.

    Examples:
    1. When enrolling token with MSCA, only privet key and certificate objects are created
    on the token.

    © SafeNet Confidential and Proprietary


    K

    Knowledge Base Article

    2. When enrolling token with FireFox (PKCS#11) 3 objects are created on the token:
    Certificate, public key and private key.

    © SafeNet Confidential and Proprietary

    You might also like