如何通过PKCS#11 API从eToken获取私钥?
[英]How can I get the private key from the eToken by PKCS#11 API?
问题描述
Currently, I have developed two desktop applications, one is C++ another is C# . 
目前,我已经开发了两个桌面应用程序,一个是C++另一个是C# 。 The certificates have been stored in eToken and marked as non-exportable 证书已存储在eToken并标记为不可导出
I would like to get the private key from eToken through PKCS#11 library and transform or copy the private key into memory stream or byte array structures, and then pass the key object to the third party cryptography API ( BC/OpenSSL ) for data encryption/decryption. 我想通过PKCS#11库从eToken中获取私钥,并将私钥转换或复制到内存流或字节数组结构中,然后将密钥对象传递给第三方加密API( BC/OpenSSL )进行数据加密/解密。
How can I view or get the private key from the eToken which marked as non-exportable? 如何查看或获取从eToken标记为不可导出的私钥?
1 个解决方案
解决方案1
3 2017-02-15 08:50:16
You can't extract a private key marked as non-exportable from your token and that's why is used. 您无法从令牌中提取标记为不可导出的私钥,这就是为什么要使用它。 If you need to perform some operation you must send data to the token and then retrieve the result. 如果需要执行某些操作,则必须将数据发送到令牌,然后检索结果。
At least you could read the certificate inside the USB using the X509Store class (C#) 至少您可以使用X509Store类(C#)读取USB内部的证书
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.