Hi.

I'm currently developping a software that will be used to encrypt, decrypt and sign documents using pkcs #11 (with RSA algorithm).

I sucessfully encrypt, decrypt and compute md5 fingerprint of a file. My problem is about the signature of a document.

When I try to use the C_Sign function provided by the pkcs API, I got a stack overflow with the following code:
/*pDigest is a buffer storing the md5 fingerprint*/
CK_MECHANISM MechSign = {CKM_RSA_PKCS, NULL_PTR, 0};
rv = pFunctionList->C_SignInit(hSession,&MechSign,hPrivateKey[0]);
if (rv!=CKR_OK) throw "Unable to init signature";
rv = pFunctionList->C_Sign(hSession,pDigest,ulDigestLen,pSignature,&ulSignatureLen);
if (rv!=CKR_OK) throw "Unable to sign";
As this function didn't work, I used the following algorithm: Compute the md5 fingerprint, Encrypt the md5 fingerprint with the private key located in the token (an USB key in my case). Everything seems to work fine. My problem is how should I do to extract the public key from the token in order to include it in the header part of the file I'll generate? And, as a consequence, How can I use this key so that the signature can be checked?

I did several search but I didn't manage to find a solution. I'm totally new to cryptography world so I hope my question isn't too "noob"

Thanks in advance