EldoS | Feel safer!

Software components for data protection, secure storage and transfer

Error in "Cert.Keymaterial"

Posted: 08/20/2012 10:01:58
by Bremen Sistemas (Basic support level)
Joined: 08/20/2012
Posts: 17

function TClsNFSeTiplan.CreateSignature(aString: string): string;
var
  InputBuffer, SignBuffer: TMemoryStream;
  S: string;
  Crypto      : TElRSAPublicKeyCrypto;
  KeyMaterial : TELRSAKeyMaterial;
  Cert        : TElX509Certificate;
  i: Integer;

  //License     : TElSBLicenseManager;
  //SBUtils     : TSBLicenseKeyRegKey;
begin
  // Load the certificate
  Cert           := TElX509Certificate.Create(nil);
  WinCertStorage := TElWinCertStorage.Create(nil);
  WinCertStorage.SystemStores.Text := 'MY';

  // Look up the signer's certificate by serial number
  if (Assinador.NumeroSerie <> '') then
    for i := 0 to WinCertStorage.Count - 1 do
    begin
      Cert := WinCertStorage.Certificates[i];

      if (BinaryToString(Cert.SerialNumber) = Assinador.NumeroSerie) then
        Break;
    end;

  // Step 1: SHA1 of AString
  S := CalcHashStr(AString, haSHA1);  //sha1hash(AString, false);

  // Step 2: do RSA with the private key of Cert on AString
  InputBuffer := TMemoryStream.Create;
  InputBuffer.Write(S[1], Length(S));
  InputBuffer.Position := 0;

  SignBuffer := TMemoryStream.Create;

  Crypto := TElRSAPublicKeyCrypto.Create();
  Crypto.InputEncoding  := pkeBinary;
  Crypto.OutputEncoding := pkeBase64;

  KeyMaterial := TELRSAKeyMaterial.Create;

  Crypto.InputIsHash   := True;
  Crypto.HashAlgorithm := SB_ALGORITHM_DGST_SHA1;
  Crypto.KeyMaterial   := KeyMaterial;

  // Signature
  Crypto.SignDetached(InputBuffer, SignBuffer);

  // Read the Base64-encoded signature back into a string
  SetLength(S, SignBuffer.Size);
  SignBuffer.Position := 0;
  SignBuffer.Read(S[1], SignBuffer.Size);

  Result := S;

  // Clean up everything
end;

I have a problem in:

KeyMaterial := TELRSAKeyMaterial.Create;

Cert.KeyMaterial is always nil.
What is wrong?
Posted: 08/20/2012 10:10:38
by Ken Ivanov (Team)

Thank you for getting in touch with us.

Please use the Clone() method instead of Assign() to copy the contents of a certificate object to another object:

WinCertStorage.Certificates[i].Clone(Cert, false);
Posted: 08/20/2012 11:07:42
by Bremen Sistemas (Basic support level)
Joined: 08/20/2012
Posts: 17

That doesn't work either.

"Invalid key material type".

I'm using an A3 certificate, could that be it?

I need to sign a string with RSA-SHA1.
Is there any other way?
Posted: 08/20/2012 11:11:13
by Eugene Mayevski (Team)

Is the private key of your certificate marked as exportable?

Sincerely yours
Eugene Mayevski
Posted: 08/20/2012 11:12:18
by Bremen Sistemas (Basic support level)
Joined: 08/20/2012
Posts: 17

PrivateKey (Token A3)

I based it on this post:

Posted: 08/20/2012 11:57:19
by Ken Ivanov (Team)

That doesn't work either.
"Invalid key material type".

Which call exactly returns this exception?
Posted: 08/20/2012 12:08:17
by Bremen Sistemas (Basic support level)
Joined: 08/20/2012
Posts: 17



I found this code in Primitives (Samples):

StreamKey := TFileStream.Create(editKeyFile.Text, fmOpenRead or fmShareDenyWrite);
if KeyMaterial is TElRSAKeyMaterial then
  TElRSAKeyMaterial(KeyMaterial).Passphrase := editPassphrase.Text
else if KeyMaterial is TElDSAKeyMaterial then
  TElDSAKeyMaterial(KeyMaterial).Passphrase := editPassphrase.Text;

Where "editKeyFile.Text" is a private key container, but I can't have this, because it is an A3 certificate and the private key is on a hardware device.
Is that correct?
Posted: 08/20/2012 13:24:04
by Ken Ivanov (Team)

And what type is Cert.KeyMaterial (Cert.KeyMaterial.ClassName) of?
Posted: 08/20/2012 13:26:24
by Ken Ivanov (Team)

Yes, you can't load the private key residing on a hardware device explicitly (as it is done in Primitives samples), still you can load it implicitly together with the corresponding certificate as you are trying to above. So currently we need to find out what is causing the Invalid Key Material Type exception.
Posted: 08/20/2012 13:35:32
by Bremen Sistemas (Basic support level)
Joined: 08/20/2012
Posts: 17

Innokentiy Ivanov wrote:
And what type is Cert.KeyMaterial (Cert.KeyMaterial.ClassName) of?

It is TElPublicKeyMaterial.

As of July 15, 2016 EldoS business operates as a division of /n software, inc. For more information, please read the announcement.
