I'm building a CertificateListBuilder but it requires the python-pkcs11.types.PrivateKey to be an instance of asn1crypto.keys.PrivateKeyInfo or oscrypto.asymmetric.PrivateKey.

How can I do it? Is it possible?

Besides, I'd like to know if the private key used for signing the CRL can be different from the subject key identifier of its issuer. To clarify: I have a USB token that has some certificates inside (the chain of trust). In this token, I have a certificate (let's call it the "A" certificate) with cA:False. This "A" certificate doesn't have the subject key identifier extension, so I will use the subject key identifier of the "A" certificate's Issuer.

I have to use this "A" certificate to sign attribute certificates (RFC 5755). I'm using the CertificateListBuilder from https://github.com/wbond/crlbuilder and it requires that the private key be one of the instances above to sign the CRL.

So, even if I can convert the python-pkcs11 RsaPrivateKey to one of those instances, I'd like to know if it will be all right, because the Certificate Revocation List will be signed with the "A" certificate's private key but will have the subject key identifier of the "A" certificate's Issuer.

0 Answers