Installation in Windows 7 64bit

You must sign in to post in the forums.
10/12/2011 10:03:00 PM
daniele.pagano
Gravatar
Total Posts 3
View Posts

Installation in Windows 7 64bit

Hello,

I am evaluating the product for my company, but having some trouble setting the trial up. I am using Windows 7 64 bit (we will eventually  deploy to Windows 2008 64 bit).

  1. I downloaded and installed NCryptoki-1.5.1.1.exe, but it threw an error during installation and the explorer could not run. I eventually figured out that mygacutil.exe was not present, so I just the normal gacutil for the 64-bit libraries (I tried 32 bit as well, but I did not get as far), which allowed the explorer to work. You may want to look into that.
  2. Since I don't have an hardware HSM yet, I installed VirtualCryptoki-1.0.4.4.exe. The installer was not localized in English, but since I happen to be from Italy (but working in the US) that wasn't a problem, but you may want to fix that. I also noticed it was installed in the x86 program files, unlike the SDK, which in the 64 bit folder.
  3. Running the explorer copy in the virtual hsm folder pre-populated the DLL text box with vcki.dll, but then failed to open, as it found that NCryptokiMngd.dll was in the incorrect format; I tried using the x86 and x64 versions from the SDK install but it did not help.
  4. Using the explorer in the SDK and navigating to C:\Windows\SysWOW64\vcki.dll opened the trial dialog, so I'm guessing the managed assembly was loaded OK. But then I get a message saying that the Cryptoki library was not found, followed by an AccessViolationException. Not populating the file name at all gave first a small error dialog, and then these same errors, so the file was found at some point early on?
  5. I then tried running the sample C# code from the SDK. The projected converted to VS 2010 without problems, but I still got a format error on the managed dll; I pointed the project to the 64 bit version, and as expected I got the trial message box and then the same not found message and access violation exception.

I also tried using Mozilla NSS (installed with Firefox) and SoftHSM (their pre-made windows installer, which I confirmed works from the command line) but I could not use their DLL's with your library. I'm not sure whether they are not in the correct format or if it's caused by something else above. I don't really care as long as one of  them works.

Hopefully this is enough information for you to assist me? I just need to have a software-based proof of concept and then I should be able to buy a site license.

 

Thank you,

Daniele Pagano

Amadeus Revenue Integrity, Tucson AZ

10/12/2011 10:13:15 PM
daniele.pagano
Gravatar
Total Posts 3
View Posts

Re: Installation in Windows 7 64bit

Forgot to mention that in the sample code I also tried copying vcki.dll in the local folder or using a full path, but I always got a not found error.

10/12/2011 11:14:31 PM
Ugo Chirico
Gravatar
Total Posts 300
View Posts
Ugo Chirico http://www.ugochirico.com

Re: Installation in Windows 7 64bit

Hi,

I'm italian too :) I wrote in english in order to allow others to understand what I wrote.

I know that there are some problems with the setup installer on Windows 64bit. I have to fix them ASAP. By now you may download the .zip version and register the dll "by hand" using gacutil. You may also decide to avoid from the registration in GAC and use the dlls in your code putting them in the working directory of your app.

Then, the current version of Virtual Cryptoki is for 32bit only. This means that if you want to use it as a virtual HSM you have to use the 32bit version of NCryptoki.

The other errors you are mentioning usually happen after more attempts to register the assembly in the GAC. Delete all NCryptoki entries in the GAC folder and use the dll in the zip.

 

My suggestions: delete all the NCryptoki entries in the GAC folder, uninstall the SDK and use the .zip version of the SDK. After that let me know.

Anyway, tomorrow I'll try to do the same on my Windows 7 64bit to see what happen.

Regards,

Ugo Chirico
http://www.ugosweb.com

 

10/13/2011 12:43:35 AM
daniele.pagano
Gravatar
Total Posts 3
View Posts

Re: Installation in Windows 7 64bit

I know you are Italian, I saw your site and LinkedIn profile (io sono ciociaro di famiglia napoletana), but of course English would help your other users.

 

I uninstalled everything (doing that also clears the GAC, which I double-checked), but couldn't get the explorer in the virtual cryptoki to recognize NCryptokiMngd.dll (the one that came with or the one in the lib folder). The one that came in the SDK would work but it still did not "find" vcki.dll; adding x86/x64 versions of the DLL's to its local folder just made things worse.

 

I did however manage to make the sample code work, sort of. When I first run the sample, I get the same format error for the managed assembly, so I modified the build configuration to output an x86 profile instead of Any CPU. Apparently Any CPU tries to load the 64 bit version. With x86 forced, it managed to load vcki.dll and gets all the way to opening a session (line 58 of the sample C# program), at which point I get an INTERNAL_PKCS11_ERROR, possibly because I was unable to configure it with the explorer.

 

At this point, I tried pointing the code to SoftHSM (MSI at http://www.opendnssec.org/download/packages/); I opened a command line to configure a virtual slot and a PIN that matches the code (pretty easy with command-line help), change the constructor parameter to @"C:\SoftHSM\lib\libsofthsm.dll" and it worked! The explorer does not work, however.

 

Next up, I had someone from IT go to http://hsm.utimaco.com/download-center/ and get their free CryptoServer, which is their driver but also has a simulator. Installed it, started the simulator from the Start Menu, started the client, connected to the TCP simulator, then went to Key Management menu, PKCS#11 and created a slot and a pin. I then went to C:\Program Files\Utimaco\SafeGuard CryptoServer\Lib and modified the INI file to sat Device = TCP:3001@127.0.0.1 (which connects to the simulator). The sample code pointed to that DLL does NOT work, I just get the file not found error (tried both its original location and the output directory), but the explorer DID work this time! I was able to connect and login to slot 0 with my pin (there's a bug where you have to Browse to the file every time, the saved value does not work).

 

In conclusion, I will be able to write test code against SoftHSM, so I'm OK, but since the explorer and code don't work on the same library there must be a problem somewhere besides Virtual Cryptoki. Hopefully I gave you enough details so you can reproduce the issues. If you still have time to spare after that, go have a pizza for me :)

 

-Daniele

11/6/2011 5:10:43 PM
Ugo Chirico
Gravatar
Total Posts 300
View Posts
Ugo Chirico http://www.ugochirico.com

Re: Installation in Windows 7 64bit

Hi Daniele,

I made some changes on the NCryptoki distribution package and fixed some bugs in NCryptoki (see relnotes), in the Virtual Cryptoki module and in CryptokiExplorer. There was some bugs in Virtual Cryptoki that raised some strange error, like the ones you got.

Remove all NCryptoki registration you did in the GAC and download the latest package (.zip only). You may decide to register NCryptoki in the GAC but consider that it is non strictly needed. Download also the new Virtual Cryptoki setup.

Mainly your problem is due to the fact that on 64bit OS CryptokiExplorer starts as x64 application and it load 64bit dlls only, while Virtual Cryptoki was for 32 bits only (and maybe also SafeNet modules). When an .NET app is compiled as AnyCPU, it starts as 64bit app on a x64 OS.

Let me know what happen with this new versions.

Regards,

Ugo

You must sign in to post in the forums.