Use Ncryptoki to sign with PFX

You must sign in to post in the forums.
12/15/2011 12:43:32 AM
Sylpho
Gravatar
Total Posts 2
View Posts

Use Ncryptoki to sign with PFX

I havent found an example that shows me how to use the Ncryptoki Wrapper to sign with PFX, can you provide me one or send how can i find it?, as i have read the information of this link: http://wiki.ncryptoki.com/How-to-import-a-pfx-or-a-p12-file.ashx shows how to import it but how i use it in the method Sign?

1/3/2012 7:59:44 PM
Boster
Gravatar
Total Posts 3
View Posts

Re: Use Ncryptoki to sign with PFX

an answer to this issue is urgent!

1/4/2012 9:07:59 AM
Ugo Chirico
Gravatar
Total Posts 300
View Posts
Ugo Chirico http://www.ugochirico.com

Re: Use Ncryptoki to sign with PFX

You can find an example on how to sign a text using the private key in C# example in the SDK.

Once you have imported a pfx you can sign by this snippet :

 // prepares for the signature
string helloworld = "Hello World";
byte[] text = Encoding.ASCII.GetBytes(helloworld);
               
// launches the digital signature operation with a RSA_PKCS mechanism
nRes = session.SignInit(Mechanism.SHA1_RSA_PKCS, privateKey);

// computes the signature
byte[] signature = session.Sign(text);

// launches the digital signature verification with a RSA_PKCS mechanism                
nRes = session.VerifyInit(Mechanism.SHA1_RSA_PKCS, publicKey);

// verifies the signature
nRes = session.Verify(text, signature);

// results if nRes == 0 means that the verification is OK
Console.Write("Verified " + (nRes == 0));
1/4/2012 5:53:40 PM
Boster
Gravatar
Total Posts 3
View Posts

Re: Use Ncryptoki to sign with PFX

I use this code for extract Private Key of .pfx file.

private bool importKeyPair(X509Certificate2 cert, string id, string label, bool priv, bool modifiable)
{
if (!cert.HasPrivateKey)
{
showError("Certificate doesn't have private key. Import failed!");
return false;
}

AsymmetricAlgorithm keyPair = cert.PrivateKey;

if (keyPair is RSA)
{
RSAParameters keyParams = ((RSA)keyPair).ExportParameters(true);
CryptokiCollection template = new CryptokiCollection();
template.Add(new ObjectAttribute(ObjectAttribute.CKA_CLASS, CryptokiObject.CKO_PRIVATE_KEY));
template.Add(new ObjectAttribute(ObjectAttribute.CKA_KEY_TYPE, Key.CKK_RSA));
template.Add(new ObjectAttribute(ObjectAttribute.CKA_SUBJECT, cert.SubjectName.RawData));
template.Add(new ObjectAttribute(ObjectAttribute.CKA_ID, id));
template.Add(new ObjectAttribute(ObjectAttribute.CKA_LABEL, label));
template.Add(new ObjectAttribute(ObjectAttribute.CKA_TOKEN, true));
template.Add(new ObjectAttribute(ObjectAttribute.CKA_MODULUS, keyParams.Modulus));
template.Add(new ObjectAttribute(ObjectAttribute.CKA_PUBLIC_EXPONENT, keyParams.Exponent));
template.Add(new ObjectAttribute(ObjectAttribute.CKA_PRIVATE_EXPONENT, keyParams.D));
template.Add(new ObjectAttribute(ObjectAttribute.CKA_PRIVATE, priv));
template.Add(new ObjectAttribute(ObjectAttribute.CKA_MODIFIABLE, modifiable));
CryptokiObject priKey = CurrentSession.Objects.Create(template);
}

return true;

}

 

But i have error in line  " RSAParameters keyParams = ((RSA)keyPair).ExportParameters(true);"

this error is "Key not valid for use in specified state."

an answer to this issue??

1/9/2012 11:38:41 AM
Ugo Chirico
Gravatar
Total Posts 300
View Posts
Ugo Chirico http://www.ugochirico.com

Re: Use Ncryptoki to sign with PFX

this is issue is not related to NCryptoki. It is related to MS crypto engine.

Check this to see if it solves your problem:

http://www.zomeon.com/949727/bouncycastle-rsaprivatekey-to-net-rsaprivatekey

1/10/2012 6:26:32 PM
Boster
Gravatar
Total Posts 3
View Posts

Re: Use Ncryptoki to sign with PFX

problem solved successfully, thanks!

 

But I have new Error in line "CryptokiObject priKey = CurrentSession.Objects.Create(template);"  this error is Error n.209

 

Any help please!

You must sign in to post in the forums.