Problem in Creation of key pair objects

You must sign in to post in the forums.
11/14/2011 6:33:37 AM
Jinadev
Gravatar
Total Posts 5
View Posts

Problem in Creation of key pair objects

Hi Ugo,

I am using NCryptoki trial version, i have created token and loged in but for "Search for some objects" the value of  objects.Count =0 So ,added the code for Generating a key pair but there is an error occured during the creation of generate the key pair objects (Key[] keys = session.GenerateKeyPair(Mechanism.RSA_PKCS_KEY_PAIR_GEN,templatePub,templatePri);) .The error code is "Error n. 208".
I am using  windows 7.  Here is my code for generating key pair. please give me a solution for this.

CryptokiCollection template = new CryptokiCollection();
template.Add(new ObjectAttribute(ObjectAttribute.CKA_CLASS,CryptokiObject.CKO_PRIVATE_KEY));
template.Add(new ObjectAttribute(ObjectAttribute.CKA_KEY_TYPE, Key.CKK_RSA));
template.Add(new ObjectAttribute(ObjectAttribute.CKA_LABEL, "Ugo's new Key"));
// Launchs the search specifying the template just created
CryptokiCollection objects = session.Objects.Find(template,10);

MessageBox.Show("objects.Count=" + objects.Count);
for (int i = 0; i < objects.Count; i++)
{
MessageBox.Show(((PrivateKey)objects[i]).Label);
}
RSAPrivateKey privateKey;

if (objects.Count == 0)
{
CryptokiCollection templatePub = new CryptokiCollection();
templatePub.Add(new ObjectAttribute(ObjectAttribute.CKA_CLASS,
CryptokiObject.CKO_PUBLIC_KEY));
templatePub.Add(new ObjectAttribute(ObjectAttribute.CKA_TOKEN, true));
templatePub.Add(new ObjectAttribute(ObjectAttribute.CKA_PRIVATE, true));
templatePub.Add(new ObjectAttribute(ObjectAttribute.CKA_LABEL, "Ugo's new Key"));

CryptokiCollection templatePri = new CryptokiCollection();
templatePri.Add(new ObjectAttribute(ObjectAttribute.CKA_CLASS,
CryptokiObject.CKO_PRIVATE_KEY));
templatePri.Add(new ObjectAttribute(ObjectAttribute.CKA_TOKEN, true));
templatePri.Add(new ObjectAttribute(ObjectAttribute.CKA_PRIVATE, true));
templatePri.Add(new ObjectAttribute(ObjectAttribute.CKA_LABEL, "Ugo's new Key"));
//gets the first object

Key[] keys = session.GenerateKeyPair(Mechanism.RSA_PKCS_KEY_PAIR_GEN,templatePub,templatePri);                  
MessageBox.Show("key count=" + keys.Length);
privateKey = (RSAPrivateKey)keys[1];
MessageBox.Show("privateKey" + privateKey.ToString());
}





 

11/14/2011 10:06:24 AM
Ugo Chirico
Gravatar
Total Posts 300
View Posts
Ugo Chirico http://www.ugochirico.com

Re: Problem in Creation of key pair objects

You got objects.count = 0 because the template you use to serach for a key doesn't match to any object in the token.

Then, the  error 208 (0xD0) means CKR_TEMPLATE_INCOMPLETE, i.e. the template you are using to create an RSA key pair is incomplete. This happen when your underlying native PKCS#11 module wants some more attributes in the template to generate the key pair. Refer to the documentation of your PKCS#11 native module to see what other attributes are required.

11/14/2011 7:28:06 PM
Jinadev
Gravatar
Total Posts 5
View Posts

Re: Problem in Creation of key pair objects

Hi Ugo,
I have  added more ObjectAttribute to template and create a Data object and getting objects.count >0 , but still am getting the same error  "Error n,208" on creation of key pairs. please give me more details about KeyPair creation and what are the ObjectAttribute are using for KeyPair creation.

11/15/2011 12:10:55 PM
Jinadev
Gravatar
Total Posts 5
View Posts

Re: Problem in Creation of key pair objects

Hi ugo,

I have  added more ObjectAttribute to the templates but the same error "Error n,208" will be occurred, if there is any more Attributes to added to the templates ?? please give me a response.

my code is, 

CryptokiCollection templatePub = new CryptokiCollection();
templatePub.Add(new ObjectAttribute(ObjectAttribute.CKA_CLASS, CryptokiObject.CKO_PUBLIC_KEY));
templatePub.Add(new ObjectAttribute(ObjectAttribute.CKA_DERIVE,false));
templatePub.Add(new ObjectAttribute(ObjectAttribute.CKA_ENCRYPT,true));
templatePub.Add(new ObjectAttribute(ObjectAttribute.CKA_KEY_TYPE, Key.CKK_RSA));
templatePub.Add(new ObjectAttribute(ObjectAttribute.CKA_LOCAL, true));
templatePub.Add(new ObjectAttribute(ObjectAttribute.CKA_MODIFIABLE,true));
templatePub.Add(new ObjectAttribute(ObjectAttribute.CKA_MODULUS_BITS,0));
templatePub.Add(new ObjectAttribute(ObjectAttribute.CKA_PRIVATE,false));
templatePub.Add(new ObjectAttribute(ObjectAttribute.CKA_TOKEN, true));
templatePub.Add(new ObjectAttribute(ObjectAttribute.CKA_VERIFY, true));
templatePub.Add(new ObjectAttribute(ObjectAttribute.CKA_VERIFY_RECOVER, false));
templatePub.Add(new ObjectAttribute(ObjectAttribute.CKA_WRAP, true));
templatePub.Add(new ObjectAttribute(ObjectAttribute.CKA_LABEL, "jina's pubkey"));


 

CryptokiCollection templatePri = new CryptokiCollection();
templatePri.Add(new ObjectAttribute(ObjectAttribute.CKA_CLASS, CryptokiObject.CKO_PRIVATE_KEY));
templatePri.Add(new ObjectAttribute(ObjectAttribute.CKA_DECRYPT, true));
templatePri.Add(new ObjectAttribute(ObjectAttribute.CKA_DERIVE, false));
templatePri.Add(new ObjectAttribute(ObjectAttribute.CKA_EXTRACTABLE, true));
templatePri.Add(new ObjectAttribute(ObjectAttribute.CKA_KEY_TYPE, Key.CKK_RSA));
templatePri.Add(new ObjectAttribute(ObjectAttribute.CKA_LOCAL,true));
templatePri.Add(new ObjectAttribute(ObjectAttribute.CKA_MODIFIABLE, true));
templatePri.Add(new ObjectAttribute(ObjectAttribute.CKA_NEVER_EXTRACTABLE, false));
templatePri.Add(new ObjectAttribute(ObjectAttribute.CKA_PRIVATE, true));
templatePri.Add(new ObjectAttribute(ObjectAttribute.CKA_SENSITIVE, true));
templatePri.Add(new ObjectAttribute(ObjectAttribute.CKA_SIGN, true));
templatePri.Add(new ObjectAttribute(ObjectAttribute.CKA_SIGN_RECOVER, false));
templatePri.Add(new ObjectAttribute(ObjectAttribute.CKA_TOKEN, true));
templatePri.Add(new ObjectAttribute(ObjectAttribute.CKA_UNWRAP, true));
templatePri.Add(new ObjectAttribute(ObjectAttribute.CKA_LABEL, "jina's priKey"));


Key[] keys = session.GenerateKeyPair(Mechanism.RSA_PKCS_KEY_PAIR_GEN, templatePub, templatePri);Key[] keys = session.GenerateKeyPair(Mechanism.RSA_PKCS_KEY_PAIR_GEN, templatePub, templatePri);
 

 

 

 

 

11/15/2011 3:18:17 PM
Ugo Chirico
Gravatar
Total Posts 300
View Posts
Ugo Chirico http://www.ugochirico.com

Re: Problem in Creation of key pair objects

What token/HSM are you using?

Also, remove CKA_MODULUS_BITS from the public key attributes

11/15/2011 4:47:32 PM
Jinadev
Gravatar
Total Posts 5
View Posts

Re: Problem in Creation of key pair objects

Hi Ugo,

As your suggestion i have removed " CKA_MODULUS_BITS " from the public key attributes, But the same error is occurred.

I Am also goes through the document code but i can't create key pairs am stuck in the key creation part. Its very urgent for me and  U are the only hope for me so please... please.. give me a solution.

My token details from the code are given below.

Token Name:ActivCard Gold 0 
Token ManufacturerID:Oberthur
Token Model:CosmopolIC 64K V
Token SerialNumber:***************
Token HardwareVersion:1.0

11/15/2011 5:12:13 PM
Ugo Chirico
Gravatar
Total Posts 300
View Posts
Ugo Chirico http://www.ugochirico.com

Re: Problem in Creation of key pair objects

try to add this in the public key template:

templatePub.Add(new ObjectAttribute(ObjectAttribute.CKA_MODULUS_BITS,1024));

it generates a 1024 bit key pair.

You must sign in to post in the forums.