Private Key not found

#14218
Posted: 08/18/2010 10:21:29
by gianluca avella (Basic support level)
Joined: 08/18/2010
Posts: 5

Good morning,

I have a USB token for digital signing. Until now I used the internal program to sign our files but now I want to integrate these functions in our internal applications.

We're trying your library but we have a problem. According to your example CMSManager we tried this code:


//Selection of USB Token Certificate from user store
X509Store store = null;
store = new X509Store(StoreName.My, StoreLocation.CurrentUser);
store.Open(OpenFlags.ReadOnly);
X509Certificate2Collection tempCollection = X509Certificate2UI.SelectFromCollection(store.Certificates, "", "", X509SelectionFlag.SingleSelection);
store.Close();


string inputFile = @"c:\test.txt";
string outputFile = @"c:\test.txt.p7m";

FCMS = new TElSignedCMSMessage();
byte[] Data = System.IO.File.ReadAllBytes(inputFile);
FCMS.CreateNew(Data, 0, Data.Length);

int p=FCMS.AddSignature();
TElCMSSignature SIG = FCMS.get_Signatures(p);

SBX509.TElX509Certificate Cert = new SBX509.TElX509Certificate();
Cert.FromX509Certificate2(tempCollection[0]);
SIG.UsePSS = false;
SIG.Sign(Cert, null);


System.IO.FileStream DestStream = new System.IO.FileStream(outputFile, System.IO.FileMode.Create, System.IO.FileAccess.ReadWrite);
FCMS.Save(DestStream);
DestStream.Close();
DestStream.Dispose();



At SIG.Sign(Cert, null) I receive the error "Private Key not found".

Probably it cannot access the private key because the token's PIN needs to be entered.

How can I fix this?


Many thanks and best regards
#14222
Posted: 08/18/2010 11:34:27
by Eugene Mayevski (EldoS Corp.)

I would suggest removing X509Certificate2UI from the equation and using TElWinCertStorage or TElPKCS11CertStorage directly.


Sincerely yours
Eugene Mayevski
#14224
Posted: 08/18/2010 11:37:50
by Ken Ivanov (EldoS Corp.)

Thank you for contacting us.

Quote
Until now I used the internal program to sign our files but now I want to integrate these functions in our internal applications.

How exactly does that internal program perform signing? Does it access certificates via X509Store and X509Certificate2 classes?
#14225
Posted: 08/18/2010 11:46:24
by gianluca avella (Basic support level)
Joined: 08/18/2010
Posts: 5

Quote
Eugene Mayevski wrote:
I would suggest removing X509Certificate2UI from the equation and using TElWinCertStorage or TElPKCS11CertStorage directly.


Many thanks for your quick reply.
I'm trying to use TElPKCS11CertStorage like this:

SBPKCS11CertStorage.TElPKCS11CertStorage ST = new SBPKCS11CertStorage.TElPKCS11CertStorage();
ST.Open();

but I obtain the error "No PKCS#11 provider DLL has been specified"
and I am not sure what I have to set on DLLName.

Please can you help me?

Many thanks
#14226
Posted: 08/18/2010 11:49:01
by gianluca avella (Basic support level)
Joined: 08/18/2010
Posts: 5

Quote
Innokentiy Ivanov wrote:
Thank you for contacting us.

Quote
Until now I used the internal program to sign our files but now I want to integrate these functions in our internal applications.

How exactly does that internal program perform signing? Does it access certificates via X509Store and X509Certificate2 classes?


I really don't know how the internal (embedded) USB token performs signing, I only know that I obtain a signed file.

I can also say that when the USB token is plugged in, a certificate is present in my certificate store.

Many thanks and best regards
#14231
Posted: 08/18/2010 13:29:54
by Ken Ivanov (EldoS Corp.)

Let's start with the TElWinCertStorage component. Please replace your code that deals with a system store with the following one:

Code
TElWinCertStorage store = new TElWinCertStorage();
store.AccessType = TSBStorageAccessType.atCurrentUser;
store.ReadOnly = true;
store.SystemStores.BeginUpdate();
try
{
  store.Add("MY");
}
finally
{
  store.SystemStores.EndUpdate();
}
// find the needed certificate by iterating over certificates with the use
// of store.get_Certificates() and store.Count properties.
// ...
// Cert = store.get_Certificates(i);

// Perform signing
// ...


Quote
I really don't know how the internal (embedded) USB token performs signing, I only know that I obtain a signed file.

Got it, thank you. Could you please check the value of Cert.PrivateKeyExists property after obtaining it with the use of TElWinCertStorage component as described above?
#14235
Posted: 08/19/2010 02:27:51
by gianluca avella (Basic support level)
Joined: 08/18/2010
Posts: 5

Quote
Innokentiy Ivanov wrote:
Let's start with the TElWinCertStorage component. Please replace your code that deals with a system store with the following one:

Code
TElWinCertStorage store = new TElWinCertStorage();
store.AccessType = TSBStorageAccessType.atCurrentUser;
store.ReadOnly = true;
store.SystemStores.BeginUpdate();
try
{
  store.Add("MY");
}
finally
{
  store.SystemStores.EndUpdate();
}
// find the needed certificate by iterating over certificates with the use
// of store.get_Certificates() and store.Count properties.
// ...
// Cert = store.get_Certificates(i);

// Perform signing
// ...


Quote
I really don't know how the internal (embedded) USB token performs signing, I only know that I obtain a signed file.

Got it, thank you. Could you please check the value of Cert.PrivateKeyExists property after obtaining it with the use of TElWinCertStorage component as described above?



Hello,
I have a problem with store.Add("MY");

Store.Add has two signatures:
Code
public override void Add(TElX509Certificate Certificate, bool CopyPrivateKey);
public void Add(TElX509Certificate Certificate, string StoreName, bool CopyPrivateKey, bool Exportable, bool Protected);


None of them accepts a string. How can I solve it?

Many thanks for your support
#14236
Posted: 08/19/2010 07:03:16
by Ken Ivanov (EldoS Corp.)

Sorry, of course that line should read

store.SystemStores.Add("MY");
#14244
Posted: 08/19/2010 09:18:15
by gianluca avella (Basic support level)
Joined: 08/18/2010
Posts: 5

Quote
Innokentiy Ivanov wrote:
Sorry, of course that line should read

store.SystemStores.Add("MY");


Many thanks, in this way it works

Best Regards
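
The approach the thread settles on, assembled into one routine as an added example (not code from EldoS or from the original poster): open the current user's "MY" store through TElWinCertStorage, check PrivateKeyExists before signing, then build the CMS message. The SBCMS, SBWinCertStorage and SBX509 namespace names, the TokenCmsSigner class and the "first certificate with a private key" selection are assumptions; the component calls are the ones shown in the posts above.

```csharp
// Added example. Namespace names below are assumed from the class names in the thread.
using System;
using System.IO;
using SBCMS;
using SBWinCertStorage;
using SBX509;

static class TokenCmsSigner   // hypothetical helper name
{
    // Returns the first certificate whose private key the store reports as
    // reachable, or null. A real application should also match the subject
    // or thumbprint of the expected signing certificate.
    static TElX509Certificate FindSigningCert(TElWinCertStorage store)
    {
        for (int i = 0; i < store.Count; i++)
        {
            TElX509Certificate cert = store.get_Certificates(i);
            if (cert.PrivateKeyExists)
                return cert;
        }
        return null;
    }

    public static void SignFile(string inputFile, string outputFile)
    {
        TElWinCertStorage store = new TElWinCertStorage();
        store.AccessType = TSBStorageAccessType.atCurrentUser;
        store.ReadOnly = true;
        store.SystemStores.BeginUpdate();
        try { store.SystemStores.Add("MY"); }   // corrected call from the thread
        finally { store.SystemStores.EndUpdate(); }

        // Fail with a clear message instead of "Private Key not found" inside Sign().
        TElX509Certificate cert = FindSigningCert(store);
        if (cert == null)
            throw new InvalidOperationException(
                "No certificate with an accessible private key in MY (is the token plugged in?)");

        byte[] data = File.ReadAllBytes(inputFile);
        TElSignedCMSMessage cms = new TElSignedCMSMessage();
        cms.CreateNew(data, 0, data.Length);
        TElCMSSignature sig = cms.get_Signatures(cms.AddSignature());
        sig.UsePSS = false;
        sig.Sign(cert, null);

        using (FileStream dest = new FileStream(outputFile, FileMode.Create, FileAccess.ReadWrite))
            cms.Save(dest);
    }
}
```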