Comments (5)
Czesc Piotr, is this code sample what you are looking for?
using Net.Pkcs11Interop.Common;
using Net.Pkcs11Interop.HighLevelAPI;
using System;
using System.Collections.Generic;
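namespace ConsoleApplication1
{
    /// <summary>
    /// Sample program: generates an RSA key pair on a PKCS#11 token and then,
    /// in a separate library load and session, finds both keys again by label.
    /// </summary>
    class Program
    {
        // Path of the PKCS#11 library to load (the mock module used by this sample).
        private const string LibraryPath = "pkcs11-mock-x64.dll";

        // Sample user PIN for the mock token. Real code should obtain the PIN from
        // the user or a protected secret store at run time, never from source.
        private const string UserPin = "11111111";

        // Label shared by both halves of the key pair; also used as the search key below.
        private const string KeyLabel = "Pkcs11Interop";

        /// <summary>
        /// Opens a session on the first slot that has a token present.
        /// </summary>
        /// <param name="pkcs11">Loaded PKCS#11 library.</param>
        /// <param name="readOnly">True for a read-only session, false for read-write.</param>
        /// <returns>The opened session; the caller disposes it.</returns>
        /// <exception cref="InvalidOperationException">No slot with a token present was found.</exception>
        private static Session OpenFirstTokenSession(Pkcs11 pkcs11, bool readOnly)
        {
            var slots = pkcs11.GetSlotList(true);
            if (slots == null || slots.Count == 0)
            {
                // Fail with a clear message instead of an index-out-of-range error.
                throw new InvalidOperationException("No slot with token present was found");
            }

            return slots[0].OpenSession(readOnly);
        }

        /// <summary>
        /// Entry point: first generates the key pair, then looks it up again.
        /// </summary>
        /// <param name="args">Command line arguments (unused).</param>
        static void Main(string[] args)
        {
            // Load PKCS#11 library
            using (Pkcs11 pkcs11 = new Pkcs11(LibraryPath, true))
            {
                // Get first slot with token present and open RW session
                using (Session session = OpenFirstTokenSession(pkcs11, false))
                {
                    // Login as normal user
                    session.Login(CKU.CKU_USER, UserPin);

                    // The CKA_ID attribute is intended as a means of distinguishing
                    // multiple key pairs held by the same subject
                    byte[] ckaId = session.GenerateRandom(20);

                    // Prepare attribute template of new public key
                    List<ObjectAttribute> publicKeyAttributes = new List<ObjectAttribute>
                    {
                        new ObjectAttribute(CKA.CKA_TOKEN, true),
                        new ObjectAttribute(CKA.CKA_PRIVATE, false),
                        new ObjectAttribute(CKA.CKA_LABEL, KeyLabel),
                        new ObjectAttribute(CKA.CKA_ID, ckaId),
                        new ObjectAttribute(CKA.CKA_ENCRYPT, true),
                        new ObjectAttribute(CKA.CKA_VERIFY, true),
                        new ObjectAttribute(CKA.CKA_VERIFY_RECOVER, true),
                        new ObjectAttribute(CKA.CKA_WRAP, true),
                        // 2048 bits instead of 1024: 1024-bit RSA is below the
                        // minimum key size accepted for new keys today.
                        new ObjectAttribute(CKA.CKA_MODULUS_BITS, 2048),
                        // Public exponent 65537 (0x010001)
                        new ObjectAttribute(CKA.CKA_PUBLIC_EXPONENT, new byte[] { 0x01, 0x00, 0x01 })
                    };

                    // Prepare attribute template of new private key.
                    // NOTE(review): one key is enabled for signing, decryption and
                    // unwrapping here; production keys are normally restricted to a
                    // single purpose.
                    List<ObjectAttribute> privateKeyAttributes = new List<ObjectAttribute>
                    {
                        new ObjectAttribute(CKA.CKA_TOKEN, true),
                        new ObjectAttribute(CKA.CKA_PRIVATE, true),
                        new ObjectAttribute(CKA.CKA_LABEL, KeyLabel),
                        new ObjectAttribute(CKA.CKA_ID, ckaId),
                        // Sensitive: the key value cannot be read out in plaintext
                        new ObjectAttribute(CKA.CKA_SENSITIVE, true),
                        // Not extractable: the key cannot be wrapped and exported either
                        new ObjectAttribute(CKA.CKA_EXTRACTABLE, false),
                        new ObjectAttribute(CKA.CKA_DECRYPT, true),
                        new ObjectAttribute(CKA.CKA_SIGN, true),
                        new ObjectAttribute(CKA.CKA_SIGN_RECOVER, true),
                        new ObjectAttribute(CKA.CKA_UNWRAP, true)
                    };

                    // Specify key generation mechanism
                    Mechanism mechanism = new Mechanism(CKM.CKM_RSA_PKCS_KEY_PAIR_GEN);

                    // Generate key pair
                    ObjectHandle publicKeyHandle = null;
                    ObjectHandle privateKeyHandle = null;
                    session.GenerateKeyPair(mechanism, publicKeyAttributes, privateKeyAttributes, out publicKeyHandle, out privateKeyHandle);

                    // Logout from session
                    session.Logout();
                }
            }

            // Load PKCS#11 library
            using (Pkcs11 pkcs11 = new Pkcs11(LibraryPath, true))
            {
                // Get first slot with token present and open RO session
                using (Session session = OpenFirstTokenSession(pkcs11, true))
                {
                    // Login as normal user
                    session.Login(CKU.CKU_USER, UserPin);

                    // Prepare attribute template that defines search criteria for public key.
                    // The search is by class, key type and label only, so it matches every
                    // RSA key carrying this label; running the generation step more than
                    // once makes the "exactly one" checks below fail.
                    List<ObjectAttribute> publicKeyAttributes = new List<ObjectAttribute>
                    {
                        new ObjectAttribute(CKA.CKA_CLASS, CKO.CKO_PUBLIC_KEY),
                        new ObjectAttribute(CKA.CKA_KEY_TYPE, CKK.CKK_RSA),
                        new ObjectAttribute(CKA.CKA_LABEL, KeyLabel)
                    };

                    // Find all objects that match provided attributes
                    List<ObjectHandle> foundPublicKeys = session.FindAllObjects(publicKeyAttributes);
                    if (foundPublicKeys == null || foundPublicKeys.Count != 1)
                    {
                        throw new InvalidOperationException("Unable to find/identify public key");
                    }

                    // Keep public key handle
                    ObjectHandle publicKeyHandle = foundPublicKeys[0];

                    // Prepare attribute template that defines search criteria for private key
                    List<ObjectAttribute> privateKeyAttributes = new List<ObjectAttribute>
                    {
                        new ObjectAttribute(CKA.CKA_CLASS, CKO.CKO_PRIVATE_KEY),
                        new ObjectAttribute(CKA.CKA_KEY_TYPE, CKK.CKK_RSA),
                        new ObjectAttribute(CKA.CKA_LABEL, KeyLabel)
                    };

                    // Find all objects that match provided attributes
                    List<ObjectHandle> foundPrivateKeys = session.FindAllObjects(privateKeyAttributes);
                    if (foundPrivateKeys == null || foundPrivateKeys.Count != 1)
                    {
                        throw new InvalidOperationException("Unable to find/identify private key");
                    }

                    // Keep private key handle
                    ObjectHandle privateKeyHandle = foundPrivateKeys[0];

                    // Do something interesting with publicKeyHandle and privateKeyHandle

                    // Logout from session
                    session.Logout();
                }
            }
        }
    }
}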
Yes. This is it. Thank you.
I did what was written here, but I still get the error: 'Method C_GenerateKeyPair returned CKR_MECHANISM_INVALID'.
@TEngineer00 if you need to ask a question please open new issue with MCVE and don't resurrect old resolved ones.
OK. Can you help me with a new question title?
https://stackoverflow.com/questions/49584953/c-generatekeypair-returned-ckr-user-not-logged-in