Private Key not found

#14218
Posted: 08/18/2010 10:21:29
by gianluca avella (Basic support level)
Joined: 08/18/2010
Posts: 5

Good morning,

I have a USB token for digital signing. Until now I used the internal program to sign our files but now I want to integrate these functions in our internal applications.

We're trying your library but we have a problem. According to your example CMSManager we tried this code:


//Selection of USB Token Certificate from user store
X509Store store = null;
store = new X509Store(StoreName.My, StoreLocation.CurrentUser);
store.Open(OpenFlags.ReadOnly);
X509Certificate2Collection tempCollection = X509Certificate2UI.SelectFromCollection(store.Certificates, "", "", X509SelectionFlag.SingleSelection);
store.Close();


string inputFile = @"c:\test.txt";
string outputFile = @"c:\test.txt.p7m";

FCMS = new TElSignedCMSMessage();
byte[] Data = System.IO.File.ReadAllBytes(inputFile);
FCMS.CreateNew(Data, 0, Data.Length);

int p=FCMS.AddSignature();
TElCMSSignature SIG = FCMS.get_Signatures(p);

SBX509.TElX509Certificate Cert = new SBX509.TElX509Certificate();
Cert.FromX509Certificate2(tempCollection[0]);
SIG.UsePSS = false;
SIG.Sign(Cert, null);


System.IO.FileStream DestStream = new System.IO.FileStream(outputFile, System.IO.FileMode.Create, System.IO.FileAccess.ReadWrite);
FCMS.Save(DestStream);
DestStream.Close();
DestStream.Dispose();



At SIG.Sign(Cert, null) I receive the error "Private Key not found".

Probably it cannot access the private key because it is necessary to enter the token's PIN.

How can I fix this?


Many thanks and best regards
#14222
Posted: 08/18/2010 11:34:27
by Eugene Mayevski (EldoS Corp.)

I would suggest removing X509Certificate2UI from the equation and using TElWinCertStorage or TElPKCS11CertStorage directly.


Sincerely yours
Eugene Mayevski
#14224
Posted: 08/18/2010 11:37:50
by Ken Ivanov (EldoS Corp.)

Thank you for contacting us.

Quote
Until now I used the internal program to sign our files but now I want to integrate these functions in our internal applications.

How exactly does that internal program perform signing? Does it access certificates via X509Store and X509Certificate2 classes?
#14225
Posted: 08/18/2010 11:46:24
by gianluca avella (Basic support level)
Joined: 08/18/2010
Posts: 5

Quote
Eugene Mayevski wrote:
I would suggest removing X509Certificate2UI from the equation and using TElWinCertStorage or TElPKCS11CertStorage directly.


Many thanks for your quick reply.
I'm trying to use TElPKCS11CertStorage like this:

SBPKCS11CertStorage.TElPKCS11CertStorage ST = new SBPKCS11CertStorage.TElPKCS11CertStorage();
ST.Open();

but I obtain the error "No PKCS#11 provider DLL has been specified"
and I am not sure what I have to set for DLLName.

Please can you help me?

Many thanks
#14226
Posted: 08/18/2010 11:49:01
by gianluca avella (Basic support level)
Joined: 08/18/2010
Posts: 5

Quote
Innokentiy Ivanov wrote:
Thank you for contacting us.

Quote
Until now I used the internal program to sign our files but now I want to integrate these functions in our internal applications.

How exactly does that internal program perform signing? Does it access certificates via X509Store and X509Certificate2 classes?


I really don't know how the internal (embedded) USB token performs signing, I only know that I obtain a signed file.

I can also say that when the USB token is plugged in, a certificate is present in my certificate store.

Many thanks and best regards
#14231
Posted: 08/18/2010 13:29:54
by Ken Ivanov (EldoS Corp.)

Let's start with the TElWinCertStorage component. Please replace your code that deals with a system store with the following one:

Code
TElWinCertStorage store = new TElWinCertStorage();
store.AccessType = TSBStorageAccessType.atCurrentUser;
store.ReadOnly = true;
store.SystemStores.BeginUpdate();
try
{
  store.Add("MY");
}
finally
{
  store.SystemStores.EndUpdate();
}
// find the needed certificate by iterating over certificates with the use
// of store.get_Certificates() and store.Count properties.
// ...
// Cert = store.get_Certificates(i);

// Perform signing
// ...


Quote
I really don't know how the internal (embedded) USB token performs signing, I only know that I obtain a signed file.

Got it, thank you. Could you please check the value of Cert.PrivateKeyExists property after obtaining it with the use of TElWinCertStorage component as described above?
#14235
Posted: 08/19/2010 02:27:51
by gianluca avella (Basic support level)
Joined: 08/18/2010
Posts: 5

Quote
Innokentiy Ivanov wrote:
Let's start with the TElWinCertStorage component. Please replace your code that deals with a system store with the following one:

Code
TElWinCertStorage store = new TElWinCertStorage();
store.AccessType = TSBStorageAccessType.atCurrentUser;
store.ReadOnly = true;
store.SystemStores.BeginUpdate();
try
{
  store.Add("MY");
}
finally
{
  store.SystemStores.EndUpdate();
}
// find the needed certificate by iterating over certificates with the use
// of store.get_Certificates() and store.Count properties.
// ...
// Cert = store.get_Certificates(i);

// Perform signing
// ...


Quote
I really don't know how the internal (embedded) USB token performs signing, I only know that I obtain a signed file.

Got it, thank you. Could you please check the value of Cert.PrivateKeyExists property after obtaining it with the use of TElWinCertStorage component as described above?



Hello,
I have a problem with store.Add("MY");

Store.Add has two signatures:
Code
public override void Add(TElX509Certificate Certificate, bool CopyPrivateKey);
public void Add(TElX509Certificate Certificate, string StoreName, bool CopyPrivateKey, bool Exportable, bool Protected);


None of them accepts a string. How can I solve it?

Many thanks for your support
#14236
Posted: 08/19/2010 07:03:16
by Ken Ivanov (EldoS Corp.)

Sorry, of course that line should look like this:

store.SystemStores.Add("MY");
#14244
Posted: 08/19/2010 09:18:15
by gianluca avella (Basic support level)
Joined: 08/18/2010
Posts: 5

Quote
Innokentiy Ivanov wrote:
Sorry, of course that line should look like this:

store.SystemStores.Add("MY");


Many thanks, in this way it works

Best Regards