RSACryptoServiceProvider and ncryptoki

You must sign in to post in the forums.
6/29/2012 2:59:05 PM
liber
Gravatar
Total Posts 4
View Posts

RSACryptoServiceProvider and ncryptoki

Hi,

I can't find a solution how to digitaly sign xml document using private key and certificate retrieved from HSM using ncryptoki. Is it possible to convert Cryptware.Cryptoki.PrivateKey or Cryptware.Cryptoki.RsaPrivateKey to .NET RSACryptoServiceProvider? Maybe there is other way to do this?

 

Thank you for your help

Andrzej

6/29/2012 4:54:45 PM
Ugo Chirico
Gravatar
Total Posts 300
View Posts
Ugo Chirico http://www.ugochirico.com

Re: RSACryptoServiceProvider and ncryptoki

Do you need PKCS#1 signature or PKCS#7 signature?

In the first case you can use Session.SignInit and Session.Sign to sign a document. In the second case you need to use NDigitSign library, that you can find in the download section, in addition to NCryptoki.

 

 

6/30/2012 10:09:39 AM
liber
Gravatar
Total Posts 4
View Posts

Re: RSACryptoServiceProvider and ncryptoki

Hi,

I need a W3C standard xml, something like this attached to orignial xml file:

<Signature ID?>
<SignedInfo>
<CanonicalizationMethod/>
<SignatureMethod/>
(<Reference URI? >
(<Transforms>)?
<DigestMethod>
<DigestValue>
</Reference>)+
</SignedInfo>
<SignatureValue>
(<KeyInfo>)?
(<Object ID?>)*
</Signature>

I would like to use .NET native classes from System.Security.Cryptography.Xml or any other library, I'm not good enaugh to create signature from scratch.

I found a solution in here http://msdn.microsoft.com/en-us/library/ms229745.aspx, but I need to use RSACryptoServiceProvider wich I don't know how to create from objects from HSM retrived by ncryptoki.

I would be grateful for your help.

Andrzej

6/30/2012 10:22:40 AM
Ugo Chirico
Gravatar
Total Posts 300
View Posts
Ugo Chirico http://www.ugochirico.com

Re: RSACryptoServiceProvider and ncryptoki

Ok. you need standard XML signature, like XAdES.

RSACryptoServiceProvider and NCryptoki are not compatible. RSACryptoServiceProvider uses CSP, NCryptoki works with PKCS#11 module.

XML Signature has a PKCS#1 value in the XML field Signature. To produce such a field you can use Session.SignInit, Session.Sign.

The rest of the XML fields are here: http://www.w3.org/TR/xmldsig-core/

 

2/25/2014 5:15:50 PM
sebastian.amaro90
Gravatar
Total Posts 1
View Posts

Re: RSACryptoServiceProvider and ncryptoki

Hi! i ve been looking through the NCryptoki API  but i cant figure out how do i sign a bunch of text with XADES standard....

I ve found NDigitSign, but it only signs on CADES and i need XADES.

 

thanks!

 

You must sign in to post in the forums.