[gnutls-help] Exporting Private Key from a USB Token

Mandar Joshi emailmandar at gmail.com
Wed Feb 8 01:45:08 CET 2017


I am using an ePass2003 USB Token in a network application.

The private key on the token has been generated on the token. This is
because I haven't been able to use --load-privkey to write a PEM for
Key to this token. Does anybody have an idea why this may be? The
error I get is
-----------------------------------------------------------------------------------------------
Error in pkcs11_write:723: The requested PKCS #11 object is not available
-----------------------------------------------------------------------------------------------

The certificate gets written and is exportable as given in the GnuTLS docs.

I would like to be able to export the private key in PEM format. But from
what I know, I don't think it's possible if the private key has been
generated on the USB token. Am I correct? The error code I get while
trying to export a private key is -56.

I would appreciate any suggestions on how I can speed up access to the
certificate and private key stored on a USB Token.

Also, are private keys written to USB Tokens not exportable using any
library/toolkit (e.g. openssl, PKCS#11 API, etc.) or is it just with
GnuTLS?

I have used various SmartCards using APDUs in PCSC-Lite directly. This
is the first time I am using a higher level API to communicate with a
token.

Regards
Mandar Joshi


