<link>http://ncryptoki.com/forum.aspx</link> <description /> <docs>http://www.rssboard.org/rss-specification</docs> <generator>mojoPortal Forum module</generator> <item> <title>Re: Certificate and PrivateKey with NCryptoki Thanks for answer. I'm trying to create soap message and sign it by using NCryptoki as a XML signature. I saw topic on http://www.ncryptoki.com/Forums/Thread.aspx?pageid=9&mid=22&ItemID=1&thread=164 that is about nearly same things what i need to do.

I have already done;

1) calculate the digest value and reference back to both fields (body and timestamp) in the SignedInfo.  OK
2) get the hash SHA256 value of the SignedInfo element.  OK
3) calculate the DigestInfo using the hash at item 2), specifing as digest algo SHA256   ?????? NOK

Also you describe DigestInfo as 

DigestInfo ::= SEQUENCE {
digestAlgorithm DigestAlgorithmIdentifier,
digest Digest
}
DigestAlgorithmIdentifier ::= AlgorithmIdentifier
Digest ::= OCTET STRING 

 

But i don't know how to create/calculate DigestInfo by using C#. Is there any library that i have to use ?? OR is there any example C# code for this?

Any help would be much appreciated. Thanks...

]]>
http://ncryptoki.com/Forums/Thread.aspx?pageid=9&t=178~-1#post754 scarlet_5 http://ncryptoki.com/Forums/Thread.aspx?pageid= Wed, 31 Dec 2014 09:07:25 GMT Re: Certificate and PrivateKey with NCryptoki You cannot read the content of a private key from the card if it is set as not exportable / extractable.

This isn't a limitation of NCryptoki. This is the normal behavior of a PKCS#11 module/token.

The PrivateKey object you got with your code is an handler to PrivateKey in the smart card. It has the properties of the PrivateKey but not the content. If you try to read the content (I meand modulus, private exponent etc.) you get an error because you cannot read it.

 

 

]]>
http://ncryptoki.com/Forums/Thread.aspx?pageid=9&t=178~-1#post735 scarlet_5 http://ncryptoki.com/Forums/Thread.aspx?pageid= Tue, 16 Dec 2014 10:42:08 GMT
Certificate and PrivateKey with NCryptoki Hi,

I need to get X509Certificate2 from smart card by using NCryptoki. I ll use this certificate in my wcf client application to create WS-Security.

I'm getting certificate as: STEP-1

            template.Add(new ObjectAttribute(ObjectAttribute.CKA_CLASS, CryptokiObject.CKO_CERTIFICATE));
            template.Add(new ObjectAttribute(ObjectAttribute.CKA_CERTIFICATE_TYPE, Certificate.CKC_X_509));
            CryptokiCollection object2 = session.Objects.Find(template, 2);
            if (object2.Count > 0)
            {
                Cryptware.NCryptoki.X509Certificate NCryptokiCertificate = (Cryptware.NCryptoki.X509Certificate)object2[0];
                var cert = Cryptware.NCryptoki.Utils.ConvertCertificate(NCryptokiCertificate);
            }

But private key of this certificate is null - as expected, because it's not exportable /extractable.

Also i can get private key with following code : STEP-2

            template.Add(new ObjectAttribute(ObjectAttribute.CKA_CLASS, CryptokiObject.CKO_PRIVATE_KEY));
            template.Add(new ObjectAttribute(ObjectAttribute.CKA_KEY_TYPE, Key.CKK_RSA));
            template.Add(new ObjectAttribute(ObjectAttribute.CKA_LABEL, "LABELNAME"));

            CryptokiCollection objects = session.Objects.Find(template, 10);
            if (objects.Count > 0)
            {
                RSAPrivateKey privateKey = (RSAPrivateKey)objects[objects.Count - 1];
            }

 

So my question is that how can i set this RSAPrivateKey privateKey  to certificate's private key which i already get in STEP-1 ?

cert.PrivateKey = privateKey   ???

Is there any conversion for these types (RSAPrivateKey to AsymmetricAlgorithm) ? Or it's impossible?

Any help would be much appreciated. Thanks...

 

 

]]>
http://ncryptoki.com/Forums/Thread.aspx?pageid=9&t=178~-1#post732 scarlet_5 http://ncryptoki.com/Forums/Thread.aspx?pageid= Thu, 04 Dec 2014 09:11:19 GMT