Error with HSM in FIPS mode

11/28/2019 5:48:57 PM

Error with HSM in FIPS mode

Hi

We are using ncryptoki to sign PDFs with our Safenet HSM. I have attached the code (VB) below.

Everything has worked fine for the last few years. But now the CA requires us to activate FIPS mode on the HSM for the new certificate. Since then we get the error -2147483542 at

        pdfSigner.SignPDFFile(infile, selector, outfile)

As said, the only thing that has changed is that the HSM is now in FIPS mode. Do you have any idea of how we have to adapt our code so that it will work again?

Thank you very much

--------------------
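''' <summary>
''' Signs a PDF with a certificate held on the PKCS#11 device configured in c.cp.CertDevice.
''' </summary>
''' <param name="infile">
''' Path of the PDF to sign. When it equals <paramref name="outfile"/> the input is first
''' renamed to infile + ".tmp". The input file is deleted after a successful signature.
''' </param>
''' <param name="outfile">Path the signed PDF is written to.</param>
''' <returns>
''' True when the file was signed and the input removed; False when any of those steps threw
''' (the error is logged and passed to SetStatus). Failures while tearing down the token
''' session are logged but do not turn a successful signature into False.
''' </returns>
Public Shared Function signPdfNCryptoki(ByVal infile As String, ByVal outfile As String) As Boolean
    Dim ErrorCode As Integer = 0
    ErrorCode = erCode + 20

    Dim signer As DigitalSigner = Nothing
    Dim sessionOpen As Boolean = False
    Dim loggedIn As Boolean = False
    Dim stampImage As Image = Nothing
    Dim renamedFrom As String = Nothing
    Dim succeeded As Boolean = False

    Try
        ' Set license information.
        DigitalSigner.Licensee = NDigitSignLicensee
        DigitalSigner.ProductKey = NDigitSignProductKey

        ' Create the signer bound to the specific PKCS#11 native library.
        signer = New DigitalSigner(c.cp.CertDevice.CryptokiPath)

        ' Open a session on the configured slot and authenticate.
        ' The flags record how far we got so that cleanup only undoes completed steps.
        signer.OpenSession(c.cp.CertDevice.Slot)
        sessionOpen = True

        ' NOTE(review): the PIN is read from configuration; how it is stored and protected
        ' is not visible in this listing - confirm it is not kept in clear text.
        signer.Login(c.cp.CertDevice.Pin)
        loggedIn = True

        Dim selector As ICertificateSelector
        selector = New MySimpleCertificateSelector()

        ' No timestamp authority is used: the TSA client is left unset.
        Dim tsaClient As TSAClient = Nothing

        Dim pdfSigner As New PDFDigitalSigner(signer)

        ' Signature parameters.
        pdfSigner.AddCACertificate = False
        pdfSigner.TsaClient = tsaClient
        pdfSigner.SignatureReason = c.cp.PDFsignReason
        'pdfSigner.SignatureLocation = c.cp.PDFsignLocation
        'pdfSigner.SignatureContact = ""
        pdfSigner.CAdES = False
        pdfSigner.SignatureOnPage = 1
        pdfSigner.SignaturePositionLowerLeftX = 5
        pdfSigner.SignaturePositionLowerLeftY = 5
        pdfSigner.SignaturePositionUpperRightX = 500
        pdfSigner.SignaturePositionUpperRightY = 50
        pdfSigner.FontSize = 8

        ' Keep a reference so the image (and the file lock Image.FromFile holds) can be released.
        stampImage = Image.FromFile("pdf\jpg\" + c.cp.PDFsignImage)
        pdfSigner.SignatureImg = stampImage
        'pdfSigner.SignatureMessage = "Signed by NDigitSign"

        If infile = outfile Then
            ' Signing in place: move the input aside so the output can take its name.
            System.IO.File.Move(infile, infile + ".tmp")
            renamedFrom = infile
            infile = infile + ".tmp"
        End If

        ' NOTE(review): the post reports error -2147483542 raised by this call once the HSM is
        ' in FIPS mode. Read as an unsigned 32-bit value that is 0x8000006A, which lies in the
        ' PKCS#11 vendor-defined range (CKR_VENDOR_DEFINED = 0x80000000), so presumably it is a
        ' token return code and should be looked up in the HSM vendor's return-code list.
        ' A token in FIPS mode typically refuses non-approved mechanisms - verify which
        ' digest/signature mechanism the library requests.
        pdfSigner.SignPDFFile(infile, selector, outfile)

        ' The input (or its ".tmp" copy) is consumed once the signed file exists.
        System.IO.File.Delete(infile)

        succeeded = True

    Catch ex As Exception
        Log.Write("PDF", "ERROR in signing PDF file: " & ex.Message)
        SetStatus(ErrorCode, "ERROR in signing PDF file: " & ex.Message)

    Finally
        ' Always release the authenticated token session, also when signing failed; otherwise a
        ' logged-in session stays open on the HSM after every error. Each step is isolated so
        ' one failing call does not skip the remaining cleanup.
        If signer IsNot Nothing Then
            If loggedIn Then
                Try
                    signer.Logout()
                Catch cleanupEx As Exception
                    Log.Write("PDF", "ERROR in token logout: " & cleanupEx.Message)
                End Try
            End If

            If sessionOpen Then
                Try
                    signer.CloseSession()
                Catch cleanupEx As Exception
                    Log.Write("PDF", "ERROR in closing token session: " & cleanupEx.Message)
                End Try
            End If

            Try
                signer.Finalize()
            Catch cleanupEx As Exception
                Log.Write("PDF", "ERROR in finalizing PKCS#11 library: " & cleanupEx.Message)
            End Try
        End If

        If stampImage IsNot Nothing Then
            stampImage.Dispose()
        End If

        ' Signing in place failed before any output was written: put the original back so the
        ' caller is not left with only the ".tmp" file. An existing output is never overwritten.
        If Not succeeded AndAlso renamedFrom IsNot Nothing Then
            Try
                If System.IO.File.Exists(infile) AndAlso Not System.IO.File.Exists(renamedFrom) Then
                    System.IO.File.Move(infile, renamedFrom)
                End If
            Catch restoreEx As Exception
                Log.Write("PDF", "ERROR in restoring PDF file: " & restoreEx.Message)
            End Try
        End If

    End Try

    Return succeeded
End Function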

--------------------

''' <summary>
''' Certificate selector that returns the first X.509 certificate object found in the session.
''' </summary>
Class MySimpleCertificateSelector
    Implements ICertificateSelector

    ''' <summary>
    ''' Searches the session for X.509 certificate objects and returns the first match.
    ''' </summary>
    ''' <param name="session">Token session whose objects are searched.</param>
    ''' <returns>The first certificate object returned by the search.</returns>
    ''' <exception cref="Exception">No certificate object was found.</exception>
    Public Function [Select](ByVal session As Session) As Certificate Implements ICertificateSelector.Select

        ' Search template: object class "certificate", certificate type X.509.
        Dim searchTemplate As New CryptokiCollection()
        searchTemplate.Add(New ObjectAttribute(ObjectAttribute.CKA_CLASS, CryptokiObject.CKO_CERTIFICATE))
        searchTemplate.Add(New ObjectAttribute(ObjectAttribute.CKA_CERTIFICATE_TYPE, NCryptoki.X509Certificate.CKC_X_509))

        ' At most 10 objects are requested from the token.
        Dim matches As CryptokiCollection = session.Objects.Find(searchTemplate, 10)
        'Log.Write("DEBUG", "MySimpleCertifiateSelector: Found Objects " & matches.Count.ToString)

        If matches.Count = 0 Then
            Throw New Exception("NCryptoki Certificate not found: " & c.cp.CertDevice.ID)
        End If

        ' NOTE(review): the template does not filter on c.cp.CertDevice.ID, although the error
        ' message names it. With more than one certificate on the token (for example the old
        ' and the new one after a renewal) the first object returned is used for signing -
        ' confirm that this is the intended certificate.
        Dim firstMatch As Object = matches.Item(0)
        Return DirectCast(firstMatch, Certificate)

    End Function
End Class