EldoS | Feel safer!

Software components for data protection, secure storage and transfer

Error in "Cert.Keymaterial"

Posted: 08/20/2012 10:01:58
by Bremen Sistemas (Basic support level)
Joined: 08/20/2012
Posts: 17

function TClsNFSeTiplan.CreateSignature(aString: string): string;
var
  InputBuffer, SignBuffer: TMemoryStream;
  S: string;
  Crypto         : TElRSAPublicKeyCrypto;
  KeyMaterial    : TELRSAKeyMaterial;
  Cert           : TElX509Certificate;
  WinCertStorage : TElWinCertStorage;
  i: Integer;
  //License     : TElSBLicenseManager;
  //SBUtils     : TSBLicenseKeyRegKey;
begin
  // Load the certificate
  Cert           := TElX509Certificate.Create(nil);
  WinCertStorage := TElWinCertStorage.Create(nil);
  WinCertStorage.SystemStores.Text := 'MY';

  // Look up the signer's certificate by serial number
  if (Assinador.NumeroSerie <> '') then
    for i := 0 to WinCertStorage.Count - 1 do
    begin
      Cert := WinCertStorage.Certificates[i];

      if (BinaryToString(Cert.SerialNumber) = Assinador.NumeroSerie) then
        Break;
    end;

  // Step 1: SHA1 of AString
  S := CalcHashStr(AString, haSHA1);  //sha1hash(AString, false);

  // Step 2: apply RSA with the private key of Cert to AString
  InputBuffer := TMemoryStream.Create;
  InputBuffer.Write(S[1], Length(S));
  InputBuffer.Position := 0;

  SignBuffer := TMemoryStream.Create;

  Crypto := TElRSAPublicKeyCrypto.Create();
  Crypto.InputEncoding  := pkeBinary;
  Crypto.OutputEncoding := pkeBase64;

  KeyMaterial := TELRSAKeyMaterial.Create;

  Crypto.InputIsHash   := True;
  Crypto.HashAlgorithm := SB_ALGORITHM_DGST_SHA1;
  Crypto.KeyMaterial   := KeyMaterial;

  // Signature
  Crypto.SignDetached(InputBuffer, SignBuffer);

  // Copy the Base64 signature out of the stream
  SetLength(S, SignBuffer.Size);
  SignBuffer.Position := 0;
  SignBuffer.Read(S[1], SignBuffer.Size);

  Result := S;

  // Clean up everything
end;


I have a problem in:

KeyMaterial := TELRSAKeyMaterial.Create;

Cert.Keymaterial is always nil.
What is wrong?
Posted: 08/20/2012 10:10:38
by Ken Ivanov (EldoS Corp.)

Thank you for getting in touch with us.

Please use the Clone() method instead of Assign() to copy the contents of a certificate object to another object:

WinCertStorage.Certificates[i].Clone(Cert, false);
Posted: 08/20/2012 11:07:42
by Bremen Sistemas (Basic support level)
Joined: 08/20/2012
Posts: 17

It doesn't work either.

"Invalid key material type".

I'm using an A3 certificate, could that be it?

I need to sign a string with RSA-SHA1.
Is there any other way?
Posted: 08/20/2012 11:11:13
by Eugene Mayevski (EldoS Corp.)

Is the private key of your certificate marked as exportable?

Sincerely yours
Eugene Mayevski
Posted: 08/20/2012 11:12:18
by Bremen Sistemas (Basic support level)
Joined: 08/20/2012
Posts: 17

Private key (A3 token)

I based it on this post:

Posted: 08/20/2012 11:57:19
by Ken Ivanov (EldoS Corp.)

It doesn't work either.
"Invalid key material type".

Which call exactly returns this exception?
Posted: 08/20/2012 12:08:17
by Bremen Sistemas (Basic support level)
Joined: 08/20/2012
Posts: 17


I found this code in Primitives (Samples):

StreamKey := TFileStream.Create(editKeyFile.Text, fmOpenRead or fmShareDenyWrite);
if KeyMaterial is TElRSAKeyMaterial then
  TElRSAKeyMaterial(KeyMaterial).Passphrase := editPassphrase.Text
else if KeyMaterial is TElDSAKeyMaterial then
  TElDSAKeyMaterial(KeyMaterial).Passphrase := editPassphrase.Text;

Where "editKeyFile.Text" is a private key container, but I can't have this, because an A3 certificate's private key is on a hardware device.
Is that correct?
Posted: 08/20/2012 13:24:04
by Ken Ivanov (EldoS Corp.)

And what type is Cert.KeyMaterial (Cert.KeyMaterial.ClassName) of?
Posted: 08/20/2012 13:26:24
by Ken Ivanov (EldoS Corp.)

Yes, you can't load the private key residing on a hardware device explicitly (as it is done in Primitives samples), still you can load it implicitly together with the corresponding certificate as you are trying to above. So currently we need to find out what is causing the Invalid Key Material Type exception.
Posted: 08/20/2012 13:35:32
by Bremen Sistemas (Basic support level)
Joined: 08/20/2012
Posts: 17

Innokentiy Ivanov wrote:
And what type is Cert.KeyMaterial (Cert.KeyMaterial.ClassName) of?

It is TElPublicKeyMaterial.
As of July 15, 2016 EldoS Corporation will operate as a division of /n software inc. For more information, please read the announcement.