Problem In : GenerateKeyPair

You must sign in to post in the forums.
5/3/2011 6:19:16 PM
BlackFox1234
Gravatar
Total Posts 5
View Posts

Problem In : GenerateKeyPair

Dear NCryptoki's Team,

I have a problem in the "GenerateKeyPair" part of your example application "TestNCryptoki"

some times , it throws exception ( error code 5 , general error ) when reach the code line :

Key[] keys = session.GenerateKeyPair(Mechanism.RSA_PKCS_KEY_PAIR_GEN, templatePub, templatePri);

sometimes else , it enters this code line and never moves to next line nor throw exception

i use the library with RSA Secure ID ( SID 800 )

can you please provide me with informations about this problem ?
 

5/4/2011 12:38:22 PM
Ugo Chirico
Gravatar
Total Posts 300
View Posts
Ugo Chirico http://www.ugochirico.com

Re: Problem In : GenerateKeyPair

Hi,

GenerateKeyPair function takes the public and private key template that is used by the underlying PKCS#11 to generate a key pair.

Each PKCS#11 module/token wants a well defined set of attributes in both templates. In the sample code you are using I put some of the attributes that works with most of PKCS#11 tokens, but, as may be in your case, sometime they don't fit the requirements of the underlying PKCS#11 module.

Try to change the attributes in the tamplates and refer to the RSA Secure ID ( SID 800 ) reference manual.

Regards,

Ugo Chirico

5/4/2011 1:06:03 PM
BlackFox1234
Gravatar
Total Posts 5
View Posts

Re: Problem In : GenerateKeyPair

Dear UGO

 

thanks for your respone ,

but i need to ask you one more question

 

do i have to insert a certificate first in the token before calling GenerateKeyPair , or it's token dependent ?

5/11/2011 12:10:18 AM
Ugo Chirico
Gravatar
Total Posts 300
View Posts
Ugo Chirico http://www.ugochirico.com

Re: Problem In : GenerateKeyPair

No, you cannot create a certificate before generating a key pair because the certificate contains a public key.

11/15/2011 1:10:58 PM
Jinadev
Gravatar
Total Posts 5
View Posts

Re: Problem In : GenerateKeyPair

Hi BlackFox,

I am using NCryptoki trial version, i have created token and loged in but for "Search for some objects" the value of  objects.Count =0 So ,added the code for Generating a key pair but there is an error occured during the creation of generate the key pair objects (Key[] keys = session.GenerateKeyPair(Mechanism.RSA_PKCS_KEY_PAIR_GEN,templatePub,templatePri);) .The error code is "Error n. 208".
I am using  windows 7.  Here is my code for generating key pair. please give me a solution for this.

my code is.

CryptokiCollection templatePub = new CryptokiCollection();
templatePub.Add(new ObjectAttribute(ObjectAttribute.CKA_CLASS, CryptokiObject.CKO_PUBLIC_KEY));
templatePub.Add(new ObjectAttribute(ObjectAttribute.CKA_DERIVE,false));
templatePub.Add(new ObjectAttribute(ObjectAttribute.CKA_ENCRYPT,true));
templatePub.Add(new ObjectAttribute(ObjectAttribute.CKA_KEY_TYPE, Key.CKK_RSA));
templatePub.Add(new ObjectAttribute(ObjectAttribute.CKA_LOCAL, true));
templatePub.Add(new ObjectAttribute(ObjectAttribute.CKA_MODIFIABLE,true));
templatePub.Add(new ObjectAttribute(ObjectAttribute.CKA_MODULUS_BITS,0));
templatePub.Add(new ObjectAttribute(ObjectAttribute.CKA_PRIVATE,false));
templatePub.Add(new ObjectAttribute(ObjectAttribute.CKA_TOKEN, true));
templatePub.Add(new ObjectAttribute(ObjectAttribute.CKA_VERIFY, true));
templatePub.Add(new ObjectAttribute(ObjectAttribute.CKA_VERIFY_RECOVER, false));
templatePub.Add(new ObjectAttribute(ObjectAttribute.CKA_WRAP, true));
templatePub.Add(new ObjectAttribute(ObjectAttribute.CKA_LABEL, "jina's pubkey"));
CryptokiCollection templatePri = new CryptokiCollection();
templatePri.Add(new ObjectAttribute(ObjectAttribute.CKA_CLASS, CryptokiObject.CKO_PRIVATE_KEY));
templatePri.Add(new ObjectAttribute(ObjectAttribute.CKA_DECRYPT, true));
templatePri.Add(new ObjectAttribute(ObjectAttribute.CKA_DERIVE, false));
templatePri.Add(new ObjectAttribute(ObjectAttribute.CKA_EXTRACTABLE, true));
templatePri.Add(new ObjectAttribute(ObjectAttribute.CKA_KEY_TYPE, Key.CKK_RSA));
templatePri.Add(new ObjectAttribute(ObjectAttribute.CKA_LOCAL,true));
templatePri.Add(new ObjectAttribute(ObjectAttribute.CKA_MODIFIABLE, true));
templatePri.Add(new ObjectAttribute(ObjectAttribute.CKA_NEVER_EXTRACTABLE, false));
templatePri.Add(new ObjectAttribute(ObjectAttribute.CKA_PRIVATE, true));
templatePri.Add(new ObjectAttribute(ObjectAttribute.CKA_SENSITIVE, true));
templatePri.Add(new ObjectAttribute(ObjectAttribute.CKA_SIGN, true));
templatePri.Add(new ObjectAttribute(ObjectAttribute.CKA_SIGN_RECOVER, false));
templatePri.Add(new ObjectAttribute(ObjectAttribute.CKA_TOKEN, true));
templatePri.Add(new ObjectAttribute(ObjectAttribute.CKA_UNWRAP, true));
templatePri.Add(new ObjectAttribute(ObjectAttribute.CKA_LABEL, "jina's priKey"));


Key[] keys = session.GenerateKeyPair(Mechanism.RSA_PKCS_KEY_PAIR_GEN, templatePub, templatePri);
MessageBox.Show(keys.Length.ToString());

 

 

 

 

You must sign in to post in the forums.