Hi
I have problems to encrypt a string. see my code below.
I get the following Error message when trying.
OPERATION_NOT_INITIALIZED
Error n. 145
at Cryptware.NCryptoki.Session.Encrypt(Byte[] data) at RSA_HSM.Contracts.V1.SessionKey.GetSessionKey.GetSessionKey(GetSessionKeyRequest Request) in C:\BCS\Windows Applications\Web\RSA HSM\RSA HSM\GetSessionKey\GetSessionKey.vb:line 109
Code
===
If objects.Count > 0 Then privateKey = CType(objects(objects.Count - 1), RSAPrivateKey)
template = New CryptokiCollection() template.Add(New ObjectAttribute(ObjectAttribute.CKA_CLASS, CryptokiObject.CKO_PUBLIC_KEY)) template.Add(New ObjectAttribute(ObjectAttribute.CKA_LABEL, "MGERRSA")) template.Add(New ObjectAttribute(ObjectAttribute.CKA_ID, "1"))
objects = session.Objects.Find(template, 1) publicKey = CType(objects(0), RSAPublicKey)
MsgBox(publicKey.KeyType.ToString() + " " + publicKey.KeyTypeName.ToString())
Dim text(1024) As Byte Dim encrypted() As Byte
text = Encoding.ASCII.GetBytes(TotalString)
nRes = session.EncryptInit(Mechanism.RSA_PKCS, privateKey)
encrypted = session.Encrypt(text)
End If
Best regards
Magnus
'Dim templatePub As New CryptokiCollection()
'templatePub.Add(New ObjectAttribute(ObjectAttribute.CKA_CLASS, CryptokiObject.CKO_PUBLIC_KEY)) 'templatePub.Add(New ObjectAttribute(ObjectAttribute.CKA_TOKEN, True)) 'templatePub.Add(New ObjectAttribute(ObjectAttribute.CKA_PRIVATE, False)) 'templatePub.Add(New ObjectAttribute(ObjectAttribute.CKA_LABEL, "MGERRSA")) 'templatePub.Add(New ObjectAttribute(ObjectAttribute.CKA_ID, "1")) 'templatePub.Add(New ObjectAttribute(ObjectAttribute.CKA_MODULUS_BITS, 1024)) 'templatePub.Add(New ObjectAttribute(ObjectAttribute.CKA_PUBLIC_EXPONENT, &H10001))
'Dim templatePri As New CryptokiCollection()
'templatePri.Add(New ObjectAttribute(ObjectAttribute.CKA_CLASS, CryptokiObject.CKO_PRIVATE_KEY)) 'templatePri.Add(New ObjectAttribute(ObjectAttribute.CKA_TOKEN, True)) 'templatePri.Add(New ObjectAttribute(ObjectAttribute.CKA_PRIVATE, True)) 'templatePri.Add(New ObjectAttribute(ObjectAttribute.CKA_LABEL, "MGERRSA")) 'templatePri.Add(New ObjectAttribute(ObjectAttribute.CKA_ID, "1"))
'Dim keys As Key() = session.GenerateKeyPair(Mechanism.RSA_PKCS_KEY_PAIR_GEN, templatePub, templatePri)
usually you cannot encrypt by private Key. Encryption must be done by public key.
If you check the return value of this call:
you will see that nRes is not 0
Hi, thanks for the quick reply.
I changed it so that I encrypt with publicKey instead, but I still get the same errormessage
What is the value of nRes after this call:
nRes = session.EncryptInit(Mechanism.RSA_PKCS, publicKey);
hi,
the value of nres is 104
104 means CKR_KEY_FUNCTION_NOT_PERMITTED
This means that with your token you cannot encrypt using the given mechanism with the given key.
OK, thanks for the answer.
Is there any way to find out what can be be done (what mechanisms) with my token?
This depends on what you have to do.
What kind of encryption you have to do?
What kind of data you need to encrypt?
well, we would like to use the RSA_PKCS mechanism. is there something in the key creation phase that needs to be set apart from the basics that are provided in 2nd post to make that happen, is there something that is missed out?
the data we need to encrypt is string consisting of various parts (date, time, randomnumber, socsec no)... around 37 chars long
try to add the attibutes:
CKA_ENCRYPT, true
in the public key template
and
CKA_DECRYPT, true
in the private key template