pkcs11interop

Pkcs11 - How to add signature to xml file?

别说谁变了你拦得住时间么 提交于 2019-12-13 03:26:17
问题 I've a problem that occurs when getting certificate and putting to xml file. Should I use private key for signing? I see only public key in certificate. There is no private key in my certificate. byte[] ckaIdd = objectAttributess[0].GetValueAsByteArray(); string ckaLabel = objectAttributess[1].GetValueAsString(); byte[] ckaValue = objectAttributess[2].GetValueAsByteArray(); var _rawData = ckaValue ?? throw new ArgumentNullException(nameof(ckaValue)); var _parsedCertificate = new

Pkcs11Exception: Method C_Initialize returned 2147483907

二次信任 提交于 2019-12-12 10:12:19
问题 I have a simply method to access my HSM with Pkcs11Interop. This is the function: static public byte[] findTargetKeySValue(String label, String type, string command) { try { string pkcs11LibraryPath = @"C:\Program Files\SafeNet\Protect Toolkit 5\Protect Toolkit C SDK\bin\hsm\cryptoki.dll"; Utility.Logger("cryptoki dll path " + pkcs11LibraryPath, command); using (Pkcs11 pkcs11 = new Pkcs11(pkcs11LibraryPath, Inter_Settings.AppType)) { // Find first slot with token present Slot slot = Inter

Import a private key using PKCS#11

血红的双手。 提交于 2019-12-11 16:45:23
问题 We're trying to import an RSA key pair using C# and PKCS#11 into our HSM. Importing the private key using: var privateKeyAttributes = new List<ObjectAttribute>(); privateKeyAttributes.Add(new ObjectAttribute(CKA.CKA_ID, ckaId)); privateKeyAttributes.Add(new ObjectAttribute(CKA.CKA_LABEL, ckaId)); privateKeyAttributes.Add(new ObjectAttribute(CKA.CKA_CLASS, CKO.CKO_PRIVATE_KEY)); privateKeyAttributes.Add(new ObjectAttribute(CKA.CKA_KEY_TYPE, CKK.CKK_RSA)); privateKeyAttributes.Add(new

How to use Pkcs11Interop with an NitroKey HSM to derive an shared secret with an EC

本秂侑毒 提交于 2019-12-10 11:13:37
问题 I bought a NitroKey HSM and manged to create an EC on it. Now I want to derive a shared secret. I found Pkcs11Interop, which seems to be the right tool for the job, but the handling is unclear. A code snipplet or link to a working project would be very appreciated. 回答1: You can take a look at Pkcs11Admin application for a real world sample using Pkcs11Interop library. As far as I remember NitroKey HSM should be used with OpenSC middleware so your unmanaged library implementing PKCS#11 API

Keys created from one HSM client are not available for use in another client

人盡茶涼 提交于 2019-12-10 11:07:46
问题 I am building a solution to store keys and encrypt\decrypt data using an HSM. I am using a network HSM manufactured by Thales. The thing I have noticed is that a key generated in client machine 1 is inaccessible in client machine 2. The key can only be used to encrypt\decrypt data in client machine 1. Is there any thing that needs to be changed in my implementation or is there something to be changed in net-HSM configuration to enable this. I am using PKCS11Iterop library for all the key

Is it possible to connect with a HSM without PIN using PKCS11INTEROP library?

家住魔仙堡 提交于 2019-12-08 04:10:54
问题 We are using PKCS11INTEROP library to connect with the NShield HSM. To perform any operation(generate/encrypt/decrypt) inside the HSM you need to first get the slot and then login to the slot using the PIN. This is all working as expected. NShield HSM allows your keys to be protected in two ways Module Protection and Token Protection. The NShield client software provides you a utility KSAFE to manage keys in the HSM. If you are using KSAFE utility and you want to protect your keys by module

Pkcs11Interop read key value from HSM

旧时模样 提交于 2019-12-08 01:01:48
问题 I'm trying to use Pkcs11Interop to extract the value of the key from the HSM. I know, the key has to stay in the HSM, but I need it, so... I already do it with NCryptoki and I'd like to do it also with Pkcs11Interop I tried this code: // Prepare attribute template that defines search criteria List<ObjectAttribute> objectAttributes = new List<ObjectAttribute>(); objectAttributes.Add(new ObjectAttribute(CKA.CKA_CLASS, CKO.CKO_SECRET_KEY)); objectAttributes.Add(new ObjectAttribute(CKA.CKA_KEY

Threadsafe usage of PKCS11Interop library in C# [closed]

…衆ロ難τιáo~ 提交于 2019-12-07 19:53:19
问题 Closed. This question is off-topic. It is not currently accepting answers. Want to improve this question? Update the question so it's on-topic for Stack Overflow. Closed 2 years ago . I am using PKCS11Interop to perform Key Management operations inside an HSM. The HSM I am using is Thales PCI Express. Below is the class that wraps all operations being performed in HSM: public sealed class KeyStoreOperations { private KeyStoreContext m_keyStoreContext; private static Pkcs11 m_Pkcs11; private

Is it possible to connect with a HSM without PIN using PKCS11INTEROP library?

核能气质少年 提交于 2019-12-06 16:54:05
We are using PKCS11INTEROP library to connect with the NShield HSM. To perform any operation(generate/encrypt/decrypt) inside the HSM you need to first get the slot and then login to the slot using the PIN. This is all working as expected. NShield HSM allows your keys to be protected in two ways Module Protection and Token Protection. The NShield client software provides you a utility KSAFE to manage keys in the HSM. If you are using KSAFE utility and you want to protect your keys by module protection then you do not have to provide a PIN whereas PIN becomes mandatory if the key is to

Pkcs11Interop read key value from HSM

↘锁芯ラ 提交于 2019-12-06 09:40:02
I'm trying to use Pkcs11Interop to extract the value of the key from the HSM. I know, the key has to stay in the HSM, but I need it, so... I already do it with NCryptoki and I'd like to do it also with Pkcs11Interop I tried this code: // Prepare attribute template that defines search criteria List<ObjectAttribute> objectAttributes = new List<ObjectAttribute>(); objectAttributes.Add(new ObjectAttribute(CKA.CKA_CLASS, CKO.CKO_SECRET_KEY)); objectAttributes.Add(new ObjectAttribute(CKA.CKA_KEY_TYPE, CKK.CKK_DES)); objectAttributes.Add(new ObjectAttribute(CKA.CKA_LABEL, "MY_KEY")); // Find all
订阅 pkcs11interop