Error in "Cert.Keymaterial"

#21071
Posted: 08/20/2012 10:01:58
by Bremen Sistemas (Basic support level)
Joined: 08/20/2012
Posts: 17

Code
function TClsNFSeTiplan.CreateSignature(aString: string): string;
var
  InputBuffer, SignBuffer: TMemoryStream;
  S: string;
  Crypto      : TElRSAPublicKeyCrypto;
  KeyMaterial : TELRSAKeyMaterial;
  Cert        : TElX509Certificate;
  i: Integer;

  //License     : TElSBLicenseManager;
  //SBUtils     : TSBLicenseKeyRegKey;
begin
  // Load the certificate
  Cert           := TElX509Certificate.Create(nil);
  WinCertStorage := TElWinCertStorage.Create(nil);
  WinCertStorage.SystemStores.Text := 'MY';

  if (Assinador.NumeroSerie <> '') then
  begin
    for i := 0 to WinCertStorage.Count - 1 do
    begin
      Cert := WinCertStorage.Certificates[i];

      if (BinaryToString(Cert.SerialNumber) = Assinador.NumeroSerie) then
      begin
        Cert.Assign(WinCertStorage.Certificates[i]);
        Break;
      end;
      //FreeAndNil(Cert);
    end;
  end;

  // Step 1 : SHA1 AString;
  S := CalcHashStr(AString, haSHA1);  //sha1hash(AString, false);

  // Step 2 : Do RSA with the private key of Cert on AString;
  InputBuffer := TMemoryStream.Create;
  InputBuffer.Write(S[1], Length(S));
  InputBuffer.Position := 0;

  SignBuffer := TMemoryStream.Create;

  Crypto := TElRSAPublicKeyCrypto.Create();
  Crypto.InputEncoding  := pkeBinary;
  Crypto.OutputEncoding := pkeBase64;

  KeyMaterial := TELRSAKeyMaterial.Create;
  KeyMaterial.Assign(Cert.Keymaterial);

  Crypto.InputIsHash   := True;
  Crypto.HashAlgorithm := SB_ALGORITHM_DGST_SHA1;
  Crypto.KeyMaterial   := KeyMaterial;

  // Signature
  Crypto.SignDetached(InputBuffer, SignBuffer);

  SetLength(S, SignBuffer.Size);
  SignBuffer.Position := 0;
  SignBuffer.Read(S[1], SignBuffer.Size);

  Result := S;

  // Clean up everything
  InputBuffer.Free;
  SignBuffer.Free;
  Crypto.Free;
  KeyMaterial.Free;

  FreeAndNil(WinCertStorage);  
end;


I have a problem in:

KeyMaterial := TELRSAKeyMaterial.Create;
KeyMaterial.Assign(Cert.Keymaterial);

Cert.Keymaterial is always nil.
What is wrong?
#21072
Posted: 08/20/2012 10:10:38
by Ken Ivanov (EldoS Corp.)

Thank you for getting in touch with us.

Please use the Clone() method instead of Assign() to copy the contents of a certificate object to another object:

WinCertStorage.Certificates[i].Clone(Cert, false);
#21073
Posted: 08/20/2012 11:07:42
by Bremen Sistemas (Basic support level)
Joined: 08/20/2012
Posts: 17

It doesn't work either.

"Invalid key material type".

I'm using an A3 certificate, could that be it?

I need to sign a string with RSA-SHA1.
Does anyone have another way?
Thanks
#21074
Posted: 08/20/2012 11:11:13
by Eugene Mayevski (EldoS Corp.)

Is the private key of your certificate marked as exportable?


Sincerely yours
Eugene Mayevski
#21075
Posted: 08/20/2012 11:12:18
by Bremen Sistemas (Basic support level)
Joined: 08/20/2012
Posts: 17

PrivateKey (Token A3)

I based it on this post:

https://www.eldos.com/forum/read.php?PAGEN_3=1&FID=7&TID=911&sphrase_id=401507#nav_start_3
#21076
Posted: 08/20/2012 11:57:19
by Ken Ivanov (EldoS Corp.)

Quote
It doesn't work either.
"Invalid key material type".


Which call exactly returns this exception?
#21077
Posted: 08/20/2012 12:08:17
by Bremen Sistemas (Basic support level)
Joined: 08/20/2012
Posts: 17

In:

KeyMaterial.Assign(Cert.Keymaterial);

I found this code in Primitives (Samples)

Code
StreamKey := TFileStream.Create(editKeyFile.Text, fmOpenRead or fmShareDenyWrite);
try
  if KeyMaterial is TElRSAKeyMaterial then
    TElRSAKeyMaterial(KeyMaterial).Passphrase := editPassphrase.Text
  else if KeyMaterial is TElDSAKeyMaterial then
    TElDSAKeyMaterial(KeyMaterial).Passphrase := editPassphrase.Text;
  KeyMaterial.LoadSecret(StreamKey);
finally
  FreeAndNil(StreamKey);
end;


Where "editKeyFile.Text" is a private key container, but I can't have this, because it is an A3 certificate; the private key is in a hardware device.
Is that correct?
#21078
Posted: 08/20/2012 13:24:04
by Ken Ivanov (EldoS Corp.)

And what type is Cert.KeyMaterial (Cert.KeyMaterial.ClassName) of?
#21079
Posted: 08/20/2012 13:26:24
by Ken Ivanov (EldoS Corp.)

Yes, you can't load the private key residing on a hardware device explicitly (as it is done in the Primitives samples). Still, you can load it implicitly together with the corresponding certificate, as you are trying to do above. So currently we need to find out what is causing the Invalid Key Material Type exception.
#21081
Posted: 08/20/2012 13:35:32
by Bremen Sistemas (Basic support level)
Joined: 08/20/2012
Posts: 17

Quote
Innokentiy Ivanov wrote:
And what type is Cert.KeyMaterial (Cert.KeyMaterial.ClassName) of?


It is TEIPublickeyMaterial.